Re: [CentOS] qemu-kvm images of old Windows XP SP3
On Sat, 2021-03-13 at 17:34 -0500, David McGuffey wrote: > On Mar 13, 2021, at 17:28, Jon LaBadie wrote: > > > > On Sat, Mar 13, 2021 at 10:03:54AM -0500, David McGuffey wrote: > > > I have a Nikon slide scanner (very high quality) for which the > > > software > > > has not been updated. It last ran on WinXP SP3 and I was not able > > > to > > > get it to run under Win 7 and certainly not Win 10. > > > > > > Anyone know where I can obtain images of this old OS to run in > > > CentOS 7 > > > under kvm? > > > > A search on DuckDuckGo (but not Google) led me to this .iso: > > > >https://archive.org/details/WinXPProSP3x86 > > > > -- > > Jon H. LaBadie j...@labadie.us > > Thank you. I’ll see if that loads as a VM. It doesn’t need to be > patched or be on the Internet. Just needs to load the Nikon software > and be able to pass-through the USB port to control the scanner. > > Will report back here once I’ve done that test. > > RESIST CENSORSHIP > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos Thanks to all who responded. I had checked out VuScan a couple of years ago on Win7 but the capabilities to remove imperfections and control the RBG settings is not as rich. Found an old CD with WinXP SP3 on it but qemu-kvm would not pass the CD to the VM creation process. Ended up moving everything to a USB stick. Successfully created the VM and installed the software. Next step is to hook up the USB scanner, pass it to the VM and test. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] qemu-kvm images of old Windows XP SP3
On Mar 13, 2021, at 17:28, Jon LaBadie wrote: > > On Sat, Mar 13, 2021 at 10:03:54AM -0500, David McGuffey wrote: >> I have a Nikon slide scanner (very high quality) for which the software >> has not been updated. It last ran on WinXP SP3 and I was not able to >> get it to run under Win 7 and certainly not Win 10. >> >> Anyone know where I can obtain images of this old OS to run in CentOS 7 >> under kvm? > > A search on DuckDuckGo (but not Google) led me to this .iso: > >https://archive.org/details/WinXPProSP3x86 > > -- > Jon H. LaBadie j...@labadie.us Thank you. I’ll see if that loads as a VM. It doesn’t need to be patched or be on the Internet. Just needs to load the Nikon software and be able to pass-through the USB port to control the scanner. Will report back here once I’ve done that test. RESIST CENSORSHIP ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] qemu-kvm images of old Windows XP SP3
I have a Nikon slide scanner (very high quality) for which the software has not been updated. It last ran on WinXP SP3 and I was not able to get it to run under Win 7 and certainly not Win 10. Anyone know where I can obtain images of this old OS to run in CentOS 7 under kvm? Dave McGuffey ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Timeout before trust answer with iPhone iOS 8
Until recently I've not had any problem connecting my iPhone 4s with iOS 8 to my CentOS 6.6 desktop to move pictures and videos. Problem occurs with my wife's new iPhone 5s. Now, before I can answer the Trust This Computer message on the iPhone, I get a DBus error: org.freedesktop.DBus.Error.NoReply: Message did not receive a reply (timeout by message bus) Searching this message reveals a lot of complaints by users on Ubuntu and a bug in a library. But this was back in 2012-2013. Couldn't find anything related to CentOS. Appears to be a timing issue...the timer expires before I can respond to the trust question on the iPhone. Any guidance on how to fix this? Is there a timeout setting somewhere down in udev, fuse, or gvfs? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DegradedArray message
On Thu, 2014-12-04 at 16:46 -0800, Gordon Messmer wrote: On 12/04/2014 05:45 AM, David McGuffey wrote: In practice, however, there's a bunch of information you didn't provide, so some of those steps are wrong. I'm not sure what dm-0, dm-2 and dm-3 are, but they're indicated in your mdstat. I'm guessing that you made partitions, and then made LVM or crypto devices, and then did RAID on top of that. If either of those are correct, that's completely the wrong way to build RAID sets. You risk either bad performance from doing crypto more often than is required, or possibly corruption as a result of LVM not mapping blocks the way you expect. If you build software RAID, I really strongly recommend that you keep it as simple as possible. That means a) build sofware RAID sets from raw partitions and b) use as few partitions as possible. Gordon, Agree, I've probably made it too complicated. It is a workstation with sensitive data on it so I've encrypted the partitions. md1 is fairly simple...two large disks in raid1, encrypted, and mounted as /home. md0 is probably way too complicated and not a good way to go. The sensitive data in md0 is in /var (virtual machines). I've backed up both /home and /var/lib/libvirt/images, so I think I'll start over on md0 with a new disk and a fresh install. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How to configure xguest Firefox home page
I've installed CentOS 6.6 on a workstation at a local non-profit as a kiosk machine. I used xguest. Works great, except now the customer wants the Firefox homepage to be one pointing to a particular site. Doesn't seem to be much documentation on how to make minor changes to the account. Lots of SELinux guidance, but nothing about default home page, etc. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DegradedArray message
On Mon, 2014-12-08 at 21:11 -0500, David McGuffey wrote: On Thu, 2014-12-04 at 16:46 -0800, Gordon Messmer wrote: On 12/04/2014 05:45 AM, David McGuffey wrote: In practice, however, there's a bunch of information you didn't provide, so some of those steps are wrong. I'm not sure what dm-0, dm-2 and dm-3 are, but they're indicated in your mdstat. I'm guessing that you made partitions, and then made LVM or crypto devices, and then did RAID on top of that. If either of those are correct, that's completely the wrong way to build RAID sets. You risk either bad performance from doing crypto more often than is required, or possibly corruption as a result of LVM not mapping blocks the way you expect. If you build software RAID, I really strongly recommend that you keep it as simple as possible. That means a) build sofware RAID sets from raw partitions and b) use as few partitions as possible. Gordon, Agree, I've probably made it too complicated. It is a workstation with sensitive data on it so I've encrypted the partitions. md1 is fairly simple...two large disks in raid1, encrypted, and mounted as /home. md0 is probably way too complicated and not a good way to go. The sensitive data in md0 is in /var (virtual machines). I've backed up both /home and /var/lib/libvirt/images, so I think I'll start over on md0 with a new disk and a fresh install. Dave Armed with a backup I decided to use the disk utility GUI to check the array and then re-attach the disk. After a rebuild phase it reattached and the state changed to 'clean.' I rebooted to see if it would stay attached; it did. I'll still get ready for another failure. Will read up on the best methods to have an encrypted filesystem on top of raid-1. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DegradedArray message
Thanks for all the responses. A little more digging revealed: md0 is made up of two 250G disks on which the OS and a very large /var partions resides for a number of virtual machines. md1 is made up of two 2T disks on which /home resides. Challenge is that disk 0 of md0 is the problem and it has a 524M /boot partition outside of the raid partition. My plan is to back up /home (md1) and at a minimum /etc/libvirt and /var/lib/libvirt (md0) before I do anything else. Here are the log entries for 'raid' Dec 1 20:50:15 desk4 kernel: md/raid1:md1: not clean -- starting background reconstruction Dec 1 20:50:15 desk4 kernel: md/raid1:md1: active with 2 out of 2 mirrors Dec 1 20:50:15 desk4 kernel: md/raid1:md0: active with 1 out of 2 mirrors This is a desktop, not a server. We've had several short (20 sec) power outages over the last month. The last one was on 1 Dec. I suspect the sudden loss and restoration of power could have trashed a portion of disk 0 in md0. I finally obtained an APC UPS (BX1500G), installed, configured, and tested it. In the future, it will carry me through these short outages. I'll obtain a new 250G (or larger) drive and start rooting around for guidance on how to replace a drive with the MBR and /boot on it. On Wed, 2014-12-03 at 22:11 +0100, Leon Fauster wrote: Hi David, Am 03.12.2014 um 02:14 schrieb David McGuffey davidmcguf...@verizion.net: This is an automatically generated mail message from mdadm running on desk4 A DegradedArray event had been detected on md device /dev/md0. Faithfully yours, etc. P.S. The /proc/mdstat file currently contains the following: Personalities : [raid1] md0 : active raid1 dm-2[1] 243682172 blocks super 1.1 [2/1] [_U] bitmap: 2/2 pages [8KB], 65536KB chunk md1 : active raid1 dm-3[0] dm-0[1] 1953510268 blocks super 1.1 [2/2] [UU] bitmap: 3/15 pages [12KB], 65536KB chunk the reason why one drive was kicked out (above [_U] ) will be in /var/log/messages. If it is also part of md1 then it should be manually removed from md1 before replacing the hd. -- LF ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] DegradedArray message
Received the following message in mail to root: Message 257: From root@desk4.localdomain Tue Oct 28 07:25:37 2014 Return-Path: root@desk4.localdomain X-Original-To: root Delivered-To: root@desk4.localdomain From: mdadm monitoring root@desk4.localdomain To: root@desk4.localdomain Subject: DegradedArray event on /dev/md0:desk4 Date: Tue, 28 Oct 2014 07:25:27 -0400 (EDT) Status: RO This is an automatically generated mail message from mdadm running on desk4 A DegradedArray event had been detected on md device /dev/md0. Faithfully yours, etc. P.S. The /proc/mdstat file currently contains the following: Personalities : [raid1] md0 : active raid1 dm-2[1] 243682172 blocks super 1.1 [2/1] [_U] bitmap: 2/2 pages [8KB], 65536KB chunk md1 : active raid1 dm-3[0] dm-0[1] 1953510268 blocks super 1.1 [2/2] [UU] bitmap: 3/15 pages [12KB], 65536KB chunk unused devices: none q Held 314 messages in /var/spool/mail/root You have mail in /var/spool/mail/root Ran a madam query against both raid partitions: [root@desk4 ~]# mdadm --query --detail /dev/md0 /dev/md0: Version : 1.1 Creation Time : Thu Nov 15 19:24:17 2012 Raid Level : raid1 Array Size : 243682172 (232.39 GiB 249.53 GB) Used Dev Size : 243682172 (232.39 GiB 249.53 GB) Raid Devices : 2 Total Devices : 1 Persistence : Superblock is persistent Intent Bitmap : Internal Update Time : Tue Dec 2 20:02:55 2014 State : active, degraded Active Devices : 1 Working Devices : 1 Failed Devices : 0 Spare Devices : 0 Name : desk4.localdomain:0 UUID : 29f70093:ae78cf9f:0ab7c1cd:e380f50b Events : 266241 Number Major Minor RaidDevice State 0 000 removed 1 25331 active sync /dev/dm-3 [root@desk4 ~]# [root@desk4 ~]# mdadm --query --detail /dev/md1 /dev/md1: Version : 1.1 Creation Time : Thu Nov 15 19:24:19 2012 Raid Level : raid1 Array Size : 1953510268 (1863.01 GiB 2000.39 GB) Used Dev Size : 1953510268 (1863.01 GiB 2000.39 GB) Raid Devices : 2 Total Devices : 2 Persistence : Superblock is persistent Intent Bitmap : Internal Update Time : Tue Dec 2 20:06:21 2014 State : active Active Devices : 2 Working Devices : 2 Failed Devices : 0 Spare Devices : 0 Name : desk4.localdomain:1 UUID : 1bef270d:36301a24:7b93c7a9:a2a95879 Events : 108306 Number Major Minor RaidDevice State 0 25300 active sync /dev/dm-0 1 25311 active sync /dev/dm-1 [root@desk4 ~]# Appears to me that device 0 (/dev/dm-2) on md0 has been removed because of problems. This is my first encounter with a raid failure. I suspect I should replace disk 0 and let the raid rebuild itself. Seeking guidance and a good source for the procedures. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Linux alternative to MS OneNote
On Sun, 2013-11-24 at 07:48 -0500, David McGuffey wrote: Have been looking for an alternative to OneNote which will run on CentOS. I've looked at Evernote, but it's support for Linux is emerging (supports Android, but not other flavors yet). I've looked at nixnote, but it looks as though I might have to make from source. I can do that, but would prefer to find something in the standard CentOS repositories. None of the other recommendations I've found out on the net show up in any 'yum list recommended-tool' runs. Most seem to recommend getting an MS Live account and accessing OneNote in the MS cloud with a browser. I suppose I could do that, but would prefer my data stay on my CentOS box. Any recommendations here? Dave M There has been a lot of traffic on the list...especially with the release of 6.5 and the impending release of 7.0 beta. My question probably got buried. Any thoughts on this? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Linux alternative to MS OneNote
Have been looking for an alternative to OneNote which will run on CentOS. I've looked at Evernote, but it's support for Linux is emerging (supports Android, but not other flavors yet). I've looked at nixnote, but it looks as though I might have to make from source. I can do that, but would prefer to find something in the standard CentOS repositories. None of the other recommendations I've found out on the net show up in any 'yum list recommended-tool' runs. Most seem to recommend getting an MS Live account and accessing OneNote in the MS cloud with a browser. I suppose I could do that, but would prefer my data stay on my CentOS box. Any recommendations here? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How to re-enable Adobe Flash in Firefox
Mozilla seems to have disabled Adobe Flash in a recent update. I have one 6.3 Desktop load that I need flash. when directed to the Adobe site and download the latest version, yum tells me I have the latest version for x86_64 already installed. I must keep the wife happy with Facebook and YouTube--and if the wife isn't happy, no one in the house is happy. How do I re-enable flash? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Force CentOS 6.3 to discover new video card
I want to add a new video card that will drive multiple monitors. Current installation of CentOS 6.3 x86_64 is working well with the hdmi output of the motherboard. Once I install the new video card, how do I force 6.3 to discover and configure it? Seems with 6.0 and newer, system-config-display is gone and replaced with a combination of udev and xrandr. I'm not familiar with these and don't want to mess up a working system. Tips/pointers to some decent guidance/how-to docs would be appreciated. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Advanced Persistent Threats; Why aren't we confining Firefox and Evolution?
Moat of the advanced persistent threats (APT) are initiated via e-mail. Opening an attachment or clicking on a web link starts the process. Why isn't Firefox and Evolution confined with SELinux policy in a way that APT can't damage the rest of the system? Why are we not sandboxing these two apps with SELinux? I've discovered some guidance for sandboxing Firefox using the 'sandbox' command. Once I test it a bit, I'll post the results back here. Seems to me that if this works, it should be the default. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Log viewing and analysis tools
I have a requirement to allow our security officer to regularly view and analyze the logging and auditing results of one of the machines in our lab. He comes from the Microsoft Windows world and is not a *nix trained person. I know I can configure logwatch. I can also create a script containing various 'aureport' runs into a cron job. Any recommendations for a GUI-based tool that would be easy for him to learn? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DNS lookup delay with centos postfix
On Jul 25, 2012, at 21:27, Joseph L. Casale jcas...@activenetwerx.com wrote: DNS lookups default to using 53/udp, and only use 53/tcp for zone transfers. could it be 53/udp is being lost/blocked between this host and your ns1 ? Unfortunately that is a common misconception. Tcp is used far more often than only as stated such as for size of request exceeding udp response size etc... Bottom line is both ports are needed, not just for zone xfers. Except that the malware guys have figured out how to abuse port 53. Security recommendation is to block TCP unless you're running a DNS server. And also block oversize port 53 UDP packets. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SELinux is preventing /usr/libexec/postfix/pickup from module_request
Getting module_request errors from SELinux. Errors being thrown by metacity sendmail.postfix cleanup trivial-rewarite local postdrop pickup All errors are essentially the same System was working well until I began to apply some basic security hardening configuration. Postfix started complaining when I made /tmp noexec, nodev, nosuid, and then did a mount --bind of /var/tmp under /tmp. Backed that out the remount of /var/tmp and those errors went away. But then these errors started showing up. Here is an example of a postfix pickup error. What is going on? I could allow the module to load, but I want to understand what is going on and the dangers of making the mod before I do it. SELinux is preventing /usr/libexec/postfix/pickup from module_request access on the system Unknown. * Plugin catchall_boolean (89.3 confidence) suggests *** If you want to allow all domains to have the kernel load modules Then you must tell SELinux about this by enabling the 'domain_kernel_load_modules' boolean. Do setsebool -P domain_kernel_load_modules 1 * Plugin catchall (11.6 confidence) suggests *** If you believe that pickup should be allowed module_request access on the Unknown system by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep pickup /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Contextsystem_u:system_r:postfix_pickup_t:s0 Target Contextsystem_u:system_r:kernel_t:s0 Target ObjectsUnknown [ system ] Sourcepickup Source Path /usr/libexec/postfix/pickup Port Unknown Host desk.localdomain Source RPM Packages postfix-2.6.6-2.2.el6_1 Target RPM Packages Policy RPMselinux-policy-3.7.19-126.el6_2.10 Selinux Enabled True Policy Type targeted Enforcing ModeEnforcing Host Name desk.localdomain Platform Linux desk.localdomain 2.6.32-220.13.1.el6.x86_64 #1 SMP Tue Apr 17 23:56:34 BST 2012 x86_64 x86_64 Alert Count 24 First SeenFri 27 Apr 2012 02:46:55 PM MDT Last Seen Sun 29 Apr 2012 05:10:32 AM MDT Local ID 4b8e5292-93f1-4e69-8bb4-4ea70bc5232e Raw Audit Messages type=AVC msg=audit(1335697832.612:34911): avc: denied { module_request } for pid=24226 comm=pickup kmod=net-pf-10 scontext=system_u:system_r:postfix_pickup_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system type=SYSCALL msg=audit(1335697832.612:34911): arch=x86_64 syscall=socket success=no exit=EAFNOSUPPORT a0=a a1=1 a2=0 a3=7fff3ca82190 items=0 ppid=1925 pid=24226 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=pickup exe=/usr/libexec/postfix/pickup subj=system_u:system_r:postfix_pickup_t:s0 key=(null) Hash: pickup,postfix_pickup_t,kernel_t,system,module_request audit2allow #= postfix_pickup_t == # This avc can be allowed using the boolean 'domain_kernel_load_modules' allow postfix_pickup_t kernel_t:system module_request; audit2allow -R #= postfix_pickup_t == # This avc can be allowed using the boolean 'domain_kernel_load_modules' allow postfix_pickup_t kernel_t:system module_request; ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS-virt] virt-io drivers for 64 bit Win7 needed for USB passthrough?
Have been trying to get a 64-bit Win7 guest to access a usb thumbdrive (and eventually an Apple iTouch). Host is CentOS 6.2 and the guest is running under qemu-kvm with SELinux enabled and sVirt separating guests from each other and guests from the host. Do I need to install the virt-io drivers in the Win7 guest, or are there more permission and SELinux blocks in my path? Dave ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Pass iPhone/iTouch through kvm to Win7 VM?
On Sun, 2011-12-25 at 08:19 -0500, David McGuffey wrote: Started this over on the main list, but remembered there is a CentOS-virt list also where this would be more appropriate. At home, I'm all Linux and only run Windows in VMs when I absolutely have to (e.g., TurboTax on Win7 during the tax filing season). Now I'm trying to get Win7 running in a VM on CentOS 5.6 and kvm to connect to my iTouch and iPhone so I can sync them with iTunes. When I plug the iPhone in and run lsusb I get an address of 05AC:12A0 Bus 006 Device 001: ID : Bus 007 Device 001: ID : Bus 005 Device 001: ID : Bus 002 Device 001: ID : Bus 001 Device 011: ID 05ac:12a0 Apple, Inc. Bus 001 Device 001: ID : Bus 004 Device 001: ID : Bus 003 Device 001: ID : I put that into a hostdev block in the xml file that defines the VM. hostdev mode='subsystem' type='usb' managed='no' source vendor id='0x05AC'/ product id='0x12A0'/ /source /hostdev But...no joy. Win7 works in all other aspects...just won't connect to a usb device. Anyone get kvm to pass an iTouch or iPhone through to the VM so it can communicate with iTunes? I'm thinking this may be a permissions and SELinux issue...the usb device is owned by 'dave' (my CentOS login id), but the VM is owned by kvm (different owner and different SELinux context). I remember reading a lengthy discussion on how to get kvm to run as as a regular user...will have to go find it. Once I clean the host up and back up some data, I'll be migrating to CentOS 6.2. Does that version have more capability to deal with usb pass-through? Dave bump Any tips? Dave ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Pass iPhone/iTouch through kvm to Win7 VM?
On Sat, 2011-12-24 at 17:53 -0500, David McGuffey wrote: I'm all Linux at home and trying to get a Win7 running in a VM on CentOS 5.6 and kvm to connect to my iTouch and iPhone. When I plug the iPhone in and run lsusb I get an address of 05AC:12A0 I put that into a hostdev block in the xml file that defines the VM. hostdev mode='subsystem' type='usb' managed='no' source vendor id='0x0781'/ product id='0x554f'/ /source /hostdev But...no joy. Anyone get kvm to pass an iTouch or iPhone through to the VM so it can communicate with iTunes? Dave Closing this out here and moving it to CentOS-virt BTW, the hostdev block above is incorrect...that is a copy of the block before I replaced the vendor id and product id with the ones from the iPhone. The xml file in /etc/libvirt/qemu is correct, and should work. I'm thinking this may be a permissions and SELinux issue...the usb device is owned by 'dave' (my CentOS login id), but the VM is owned by kvm (different owner and different SELinux context). I remember reading a lengthy discussion on how to get kvm to run as as a regular user...will have to go find it. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Pass iPhone/iTouch through kvm to Win7 VM?
I'm all Linux at home and trying to get a Win7 running in a VM on CentOS 5.6 and kvm to connect to my iTouch and iPhone. When I plug the iPhone in and run lsusb I get an address of 05AC:12A0 I put that into a hostdev block in the xml file that defines the VM. hostdev mode='subsystem' type='usb' managed='no' source vendor id='0x0781'/ product id='0x554f'/ /source /hostdev But...no joy. Anyone get kvm to pass an iTouch or iPhone through to the VM so it can communicate with iTunes? Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Minimal Desktop in CentOS6 with kvm
Trying to build a more secure version of a desktop with virtualization enabled. Goal is to perform most Internet surfing and on-line banking from a special-built and hardened Linux load. Have built a bunch of complete Desktop versions of CentOS 5.5, 5.6, and 6.0 with this capability. This is the first time I've tried to go smaller. And smaller it is...by about 900 packages. Built a CentOS 6 Minimum Desktop today. During the install I added virtualization. Virtualization works, but the guest OS can't communicate via the virtio interface. Anyone able to do this? Any tips on what might be missing in the load? Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] VirtualBox on CentOS 6.0?
I have an older quad-core AMD processor that supports hardware virtualization on a motherboard that does not support it in the bios. Eventually I'll swap the mobo out on this box for one that will support hardware virtualization and use qemu-kvm. I prefer kvm because of SELinux and sVirt that protects the host from VM breakout should a VM become hostile. In the meantime, I want to start work on a web project and want to use this idle machine and CentOS 6.0 in a VM. What I prototype and learn will eventually be moved to the production machine using kvm and sVirt. So...I downloaded and installed Virtualbox 4.x but haven't yet had the time to check it out. Any tips/tricks concerning it? Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [SOLVED] How to remove Microsoft soft raid?
On Thu, 2011-07-21 at 11:17 -0400, Phil Schaffner wrote: Drew wrote on 07/21/2011 11:09 AM: From the sounds of it it's fake raid. M$ doesn't leave any signatures on their raid system that linux will detect. dm/md raid can see fakeraid signatures in newer versions so the installer may be picking up on that. So, erasing the RAID signatures with dd in addition to changing the BIOS setting, is indicated. Phil Used a CentOS 6 Live DVD to boot. Then discovered that under ApplicationsSystemDisk Utilities one can manage disks to include busting up old raid devices and partitions. Whatever raid metadata was written by WinXP-64 was destroyed and I was able to do a proper install of CentOS 6. Thanks go to the upstream developers for enhancing the disk utilities. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How to remove Microsoft soft raid?
Have a quad core workstation that was running WinXP_64 that I want to blow away and install CentOS 6. C6 install process finds raid metadata associated with sda and sdb, and then excludes them from the rest of the installation process. There doesn't appear to be an option for disassembling the raid as part of the install process. I think there should be. Any tricks to removing/by-passing the soft raid left over from the previous OS? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Still a kvm problem after 5.6 upgrade
On Fri, 2011-04-22 at 06:50 -0400, David McGuffey wrote: On Fri, 2011-04-22 at 06:18 -0400, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/21/2011 09:47 PM, David McGuffey wrote: On Thu, 2011-04-21 at 21:09 -0400, David McGuffey wrote: On Thu, 2011-04-21 at 18:01 +0200, Kenni Lund wrote: 2011/4/21 Johnny Hughes joh...@centos.org: On 04/21/2011 06:11 AM, David McGuffey wrote: redlibvirtError: internal error Process exited while reading console log output: qemu: could not open disk image /dev/hda Problem may be an SELinux problem. Here is the alert. Notice the reference to '/dev/hda' (which is the virtual machine boot disk), and the SELinux context 'virt_content_t' Summary: SELinux is preventing pam_console_app (pam_console_t) getattr to /dev/hda (virt_content_t). ... Detailed Description: SELinux denied access requested by pam_console_app. It is not expected that this access is required by pam_console_app and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. ... Yep...each time I try to start the VM, sealert increments this error by one. I created /.autorelable and rebooted. SELinux relabeled everything, but the sealert still fires when I try to start the VM. I did a qemu-img path_to_vm/vm.img and the format is declared 'raw' Therefore I should not be editing the vm.xml file and changing 'raw' to 'qcow2' Problem is definately with the SELlnux labels in the 5.6 upgrade. Dave M ... This is an SELinux issue. It really has no effect on the virtual machine. The problem is the label is not something pam_console policy expected to have on a blk device. Yes, I was lured by the coincidence of the sealert and my effort to start the VM. The fact that the blk device in question happens to register as /dev/hda and the VM also uses an internal virtual device called /dev/hda can lead one astray. I'm still left without an answer as to why virsh won't create or define--start a VM after the upgrade. [root@desk dev]# cd /etc/libvirt/qemu [root@desk qemu]# virsh create Win7-base.xml error: Failed to create domain from Win7-base.xml error: internal error Process exited while reading console log output: qemu: could not open disk image /dev/hda using qemu-img against the image file reports 'raw' not 'qcow2' So...I should not have to edit the .xml file...it is already correct. [root@desk images]# qemu-img info Win7-base.img image: Win7-base.img file format: raw virtual size: 29G (3145728 bytes) disk size: 29G This is not good. I've been developing a prototype which uses several VMs under qemu-kvm. I'm now starting to question whether CentOS is the right tool to be using for prototyping capability that may eventually roll onto regular RHEL. Did some more poking around and this is an SELinux problem. SELinux is denying access to /dev/hda. /dev/hda turns out to be the CDROM/DVD R/W device on the EIDE port of the motherboard. Lots of alias devices are linked to it. When I try to start a VM that has a cdrom defined, selinux stops the access and virsh (and Virtual Machine Manager) will report an error accessing /dev/hda (the cdrom). Here is the cdrom portion of the xml disk type='block' device='cdrom' driver name='qemu' type='raw'/ source dev='/dev/hda'/ target dev='hdc' bus='ide'/ readonly/ address type='drive' controller='0' bus='1' unit='0'/ /disk As soon as I detached the cdrom device from the VM, the VM starts and runs A-OK. Here is a listing of all the hda devices (blk and links) in /dev [root@desk ~]# cd /dev/ [root@desk dev]# ls -Z |grep hda lrwxrwxrwx root root system_u:object_r:device_t cdrom-hda lrwxrwxrwx root root system_u:object_r:device_t cdrw-hda lrwxrwxrwx root root system_u:object_r:device_t cdwriter-hda lrwxrwxrwx root root system_u:object_r:device_t dvd-hda lrwxrwxrwx root root system_u:object_r:device_t dvdrw-hda lrwxrwxrwx root root system_u:object_r:device_t dvdwriter-hda brw--- dave disk system_u:object_r:virt_content_t hda Notice the selinux context includes 'virt_content_t' I'm not sure this is right or wrong. What is strange is the owner:group of hda is my normal (unprivileged) user login 'dave' I would have thought it would be root:kvm (where dave is a member of kvm). Methinks either the owner:group or the selinux context of hda is wrong, or the linked devices may also need to have the 'virt_content_t' context. I just downloaded a fresh 5.6 iso and will build it on a spare machine. Goal is to see what kind of devices are created and what kind of owner:group permissions are given and what kind of selinux context is given to /dev/hda. They may
Re: [CentOS] Still a kvm problem after 5.6 upgrade
On Fri, 2011-04-22 at 06:18 -0400, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/21/2011 09:47 PM, David McGuffey wrote: On Thu, 2011-04-21 at 21:09 -0400, David McGuffey wrote: On Thu, 2011-04-21 at 18:01 +0200, Kenni Lund wrote: 2011/4/21 Johnny Hughes joh...@centos.org: On 04/21/2011 06:11 AM, David McGuffey wrote: redlibvirtError: internal error Process exited while reading console log output: qemu: could not open disk image /dev/hda Problem may be an SELinux problem. Here is the alert. Notice the reference to '/dev/hda' (which is the virtual machine boot disk), and the SELinux context 'virt_content_t' Summary: SELinux is preventing pam_console_app (pam_console_t) getattr to /dev/hda (virt_content_t). ... Detailed Description: SELinux denied access requested by pam_console_app. It is not expected that this access is required by pam_console_app and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. ... Yep...each time I try to start the VM, sealert increments this error by one. I created /.autorelable and rebooted. SELinux relabeled everything, but the sealert still fires when I try to start the VM. I did a qemu-img path_to_vm/vm.img and the format is declared 'raw' Therefore I should not be editing the vm.xml file and changing 'raw' to 'qcow2' Problem is definately with the SELlnux labels in the 5.6 upgrade. Dave M ... This is an SELinux issue. It really has no effect on the virtual machine. The problem is the label is not something pam_console policy expected to have on a blk device. Yes, I was lured by the coincidence of the sealert and my effort to start the VM. The fact that the blk device in question happens to register as /dev/hda and the VM also uses an internal virtual device called /dev/hda can lead one astray. I'm still left without an answer as to why virsh won't create or define--start a VM after the upgrade. [root@desk dev]# cd /etc/libvirt/qemu [root@desk qemu]# virsh create Win7-base.xml error: Failed to create domain from Win7-base.xml error: internal error Process exited while reading console log output: qemu: could not open disk image /dev/hda using qemu-img against the image file reports 'raw' not 'qcow2' So...I should not have to edit the .xml file...it is already correct. [root@desk images]# qemu-img info Win7-base.img image: Win7-base.img file format: raw virtual size: 29G (3145728 bytes) disk size: 29G This is not good. I've been developing a prototype which uses several VMs under qemu-kvm. I'm now starting to question whether CentOS is the right tool to be using for prototyping capability that may eventually roll onto regular RHEL. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Still a kvm problem after 5.6 upgrade
After the upgrade, my VMs stopped loading. Found others with the problem and followed the guidance to use virsh to dump the xml file of the VM, undefine the VM, edit the xml file to change 'raw' to 'qcow2', redefine the VM from the edited xml, and restart the machine. I still get the following error when I try to start the VM: redlibvirtError: internal error Process exited while reading console log output: qemu: could not open disk image /dev/hda A libvirt update came in last night, so I was hoping the update would allow libvirt to automatically recognize the type of image file (as previous versions did). Nope. Any other thoughts? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Still a kvm problem after 5.6 upgrade
On Thu, 2011-04-21 at 18:01 +0200, Kenni Lund wrote: 2011/4/21 Johnny Hughes joh...@centos.org: On 04/21/2011 06:11 AM, David McGuffey wrote: redlibvirtError: internal error Process exited while reading console log output: qemu: could not open disk image /dev/hda You should not need to do anything in virsh to dump a file ... there should be an xml file in /etc/libvirt/qemu/ for every VM already. The XML-files in /etc/libvirt/qemu represent libvirt defined VMs, you should never edit these files directly while the libvirtd service is running. You should either use 'virsh edit [vm_name]' or alternatively virsh dump followed by virsh define. If you edit the file directly while some manager is running (like virt-manager in CentOS), your changes will most likely conflict with, or get overwritten by, virt-manager. Nothing critical should happen, but I don't see any reason for encouraging doing it The Wrong Way(TM). Best regards Kenni Problem may be an SELinux problem. Here is the alert. Notice the reference to '/dev/hda' (which is the virtual machine boot disk), and the SELinux context 'virt_content_t' I'm going to create /.autorelable and reboot to ensure the upgrade properly relabled the filesystems. Summary: SELinux is preventing pam_console_app (pam_console_t) getattr to /dev/hda (virt_content_t). Detailed Description: SELinux denied access requested by pam_console_app. It is not expected that this access is required by pam_console_app and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /dev/hda, restorecon -v '/dev/hda' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Contextsystem_u:system_r:pam_console_t:SystemLow- SystemHigh Target Contextsystem_u:object_r:virt_content_t Target Objects/dev/hda [ blk_file ] Sourcepam_console_app Source Path /sbin/pam_console_apply Port Unknown Host d...@mydomain.net Source RPM Packages pam-0.99.6.2-6.el5_5.2 Target RPM Packages Policy RPMselinux-policy-2.4.6-300.el5 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing ModeEnforcing Plugin Name catchall_file Host Name d...@mydomain.net Platform Linux d...@mydomain.net 2.6.18-238.9.1.el5 #1 SMP Tue Apr 12 18:10:13 EDT 2011 x86_64 x86_64 Alert Count 48 First SeenWed 13 Apr 2011 08:41:32 AM EDT Last Seen Thu 21 Apr 2011 07:05:23 AM EDT Local ID 9ee6c9a9-3eda-4082-84d3-5741ea9ff688 Line Numbers Raw Audit Messages host= d...@mydomain.net type=AVC msg=audit(1303383923.130:356): avc: denied { getattr } for pid=15025 comm=pam_console_app path=/dev/hda dev=tmpfs ino=6206 scontext=system_u:system_r:pam_console_t:s0-s0:c0.c1023 tcontext=system_u:object_r:virt_content_t:s0 tclass=blk_file host= d...@mydomain.net type=SYSCALL msg=audit(1303383923.130:356): arch=c03e syscall=4 success=no exit=-13 a0=7fff2014b170 a1=7fff2014b1a0 a2=7fff2014b1a0 a3=18cba490 items=0 ppid=15014 pid=15025 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=pam_console_app exe=/sbin/pam_console_apply subj=system_u:system_r:pam_console_t:s0-s0:c0.c1023 key=(null) Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Still a kvm problem after 5.6 upgrade
On Thu, 2011-04-21 at 21:09 -0400, David McGuffey wrote: On Thu, 2011-04-21 at 18:01 +0200, Kenni Lund wrote: 2011/4/21 Johnny Hughes joh...@centos.org: On 04/21/2011 06:11 AM, David McGuffey wrote: redlibvirtError: internal error Process exited while reading console log output: qemu: could not open disk image /dev/hda You should not need to do anything in virsh to dump a file ... there should be an xml file in /etc/libvirt/qemu/ for every VM already. The XML-files in /etc/libvirt/qemu represent libvirt defined VMs, you should never edit these files directly while the libvirtd service is running. You should either use 'virsh edit [vm_name]' or alternatively virsh dump followed by virsh define. If you edit the file directly while some manager is running (like virt-manager in CentOS), your changes will most likely conflict with, or get overwritten by, virt-manager. Nothing critical should happen, but I don't see any reason for encouraging doing it The Wrong Way(TM). Best regards Kenni Problem may be an SELinux problem. Here is the alert. Notice the reference to '/dev/hda' (which is the virtual machine boot disk), and the SELinux context 'virt_content_t' I'm going to create /.autorelable and reboot to ensure the upgrade properly relabled the filesystems. Summary: SELinux is preventing pam_console_app (pam_console_t) getattr to /dev/hda (virt_content_t). Detailed Description: SELinux denied access requested by pam_console_app. It is not expected that this access is required by pam_console_app and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /dev/hda, restorecon -v '/dev/hda' Yep...each time I try to start the VM, sealert increments this error by one. I created /.autorelable and rebooted. SELinux relabeled everything, but the sealert still fires when I try to start the VM. I did a qemu-img path_to_vm/vm.img and the format is declared 'raw' Therefore I should not be editing the vm.xml file and changing 'raw' to 'qcow2' Problem is definately with the SELlnux labels in the 5.6 upgrade. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] update fuzzed display -- how to probe and force driver updates
Did a yum update on a CentOS 5.5 box at home when I got back from a business trip. Update seemed to run without errors, but after a reboot, the display is grainy and the colors are not true. Have spent nearly all my time over the last couple of years working at the network and virtualization layers on servers and have mostly ignored the X subsystem running at home. So I'm not current with it or the tools to configure it. How do I force kudzu to detect the hardware and force a re-installation of the proper drivers? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Got no login screen with the new 5.6 kernel
On Wed, 2011-04-13 at 19:14 -0400, Stanley A. Klein wrote: On Wed, April 13, 2011 12:00 pm, m.r...@5-cent.us wrote: Phil Schaffner wrote: Stanley A. Klein wrote on 04/12/2011 01:55 PM: I did the 5.6 update yesterday. When I started the machine today, I did not get a login screen -- it was just a blank screen with no cursor or anything. I shut down, restarted and when grub came up selected the previous kernel. The system came up as usual, presented a login screen, and is working OK. There is apparently something buggy related to the new kernel (2.6.18-238.5.1.el5). Problem solved, but rather strange. When I first booted with the previous kernel I looked at /var/log/messages and didn't see anything useful. Today, I selected the previous kernel from the grub screen and looked at /var/log/Xorg.0.log. The date in the file was today, so that was from the current boot, not from the time it failed to give the login screen. I edited inittab to default to runlevel 3. I got the runlevel 3 login prompt, did startx, and the GUI came up. I restored the runlevel 5 default in inittab and rebooted letting the new kernel get selected by default. The login screen came up. It must have had something to do with the initialization of X on the first boot under 5.6. Your suggestions helped. Thanks. I had a grainy display and strange colors after my update. I ended up reinstalling the xorg drivers, selecting an incorrect video card, which caused X to probe the hardware and build a good config. Something definitely bizarre about the 5.6 upgrade and X. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtual Machine Manager Doesn't see vmx flag
On Wed, 2011-03-16 at 03:36 -0500, Johnny Hughes wrote: On 03/15/2011 08:17 PM, David McGuffey wrote: ... Did you verify that this was working before applying those settings in the NSA guide? No...the prototype worked A-OK on another machine with the same CentOS 5.5 DVD, so I focused on the security hardening process...my bad...won't do that again. What does/is VMM claiming ... are you seeing only fully virtualized and not paravirtualized as a selection or what is the problem that you are encountering? I am not an expert on KVM, but when I install a KVM VM in Virtual Machine Manager, I have to select Fully Virtualized initally, then if I want to install the virtio (paravirtualized) drivers, I need to do it like this: The selection for full/para virtualization is locked in para and all grayed out. I am fairly sure that only if you are running Xen will you actually see a Paravirtualized selection in Virtual Machine Manager ... however I would suggest that you use KVM and not Xen as KVM is where RHEL Virtualization is moving towards and Xen is being moved away from. Not running the xen kernel. The BIOS of many machines can disable virtual machine extensions (also called other things ... usually with Virtual, Virtual Technologies, or VT in the name). According to KVM (link below), sometimes certain settings do need to be turned off while others need to be on, so there may be a specific set of on and off that make it work on this type of machine. That must be the problem. Searching dmesg shows the following two lines next to each other: kvm: disabled by bios ksm: loaded mobprobe kvm-intel also reports: .../weak-updates/kmod-kvm... A search of that gives some guidance, but I'm sure the first challenge I have is to find the right bios settings, possibly updating the bios along the way. So, it is possible for vmx to show up in the cpu flags but for it to be disabled. Specifically, some Dell machines need Trusted Computer or Trusted Execution enabled as well. http://www.linux-kvm.org/page/FAQ#.22KVM:_disabled_by_BIOS.22_error Verifying the latest version of the BIOS is installed can be very important for memory sizes greater than 4 GB of RAM and proper APIC operation on Linux as well. If you need to flash the BIOS on a Dell machine that has Linux installed, I use a Free DOS iso to boot from and put the Dell BIOS on my USB key, which is normally detected as C: or D: on my machines when booting the Free Dos ISO. I use fdfullcd.iso from here (use the LiveCD and do NOT install Free DOS on your main drive :D): Thanks...that is probably what I'm going to have to do. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Virtual Machine Manager Doesn't see vmx flag
Finished installing CentOS 5.5 x86_64 on a new Dell tower workstation that has a quad core Intel processor and 8 GB of ram. BIOS has hardware virtualization support enabled. /proc/cpuinfo shows that all four cores have the vmx flag present. I applied a lot of the National Security Agency guide for securing Red Hat Linux 5, testing the key applications I need as I went. At the end of the process I bring up VMM and it claims that the hardware doesn't support full virtualization. I'm going to go back through the NSA guide today looking for settings that might have an impact. My goal is to find and back out 1 or more settings rather than start from scratch with a full reload. Any ideas where I should focus my efforts? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtual Machine Manager Doesn't see vmx flag
On Tue, 2011-03-15 at 21:21 +0100, Athmane Madjoudj wrote: On 03/15/2011 12:54 PM, David McGuffey wrote: Finished installing CentOS 5.5 x86_64 on a new Dell tower workstation that has a quad core Intel processor and 8 GB of ram. BIOS has hardware virtualization support enabled. /proc/cpuinfo shows that all four cores have the vmx flag present. I applied a lot of the National Security Agency guide for securing Red Hat Linux 5, testing the key applications I need as I went. At the end of the process I bring up VMM and it claims that the hardware doesn't support full virtualization. Can you see if kvm modules are loaded: lsmod | grep kvm Example in my laptop (Intel C2D): $ lsmod | grep kvm kvm_intel 41950 0 kvm 257356 1 kvm_intel HTH I'll check tomorrow when I'm at the machine. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] python-dbus
What is this all about? Seems to be related to my attempt to load hplip-3.10.9 to support an HP Photosmart 3210 all-in-one for scanning through saned. from /var/log/messages: Jan 31 20:07:26 desk python: [2851]: error: dbus failed to load (python-dbus ver. 0.80+ required). Exiting... Jan 31 20:07:49 desk python: hp-systray[3402]: warning: Qt/PyQt 4 initialization failed. When I check for python-dbus with yum, it doesn't show in the nomal mirrors. [root@desk log]# yum info python-dbus Loaded plugins: fastestmirror, priorities Loading mirror speeds from cached hostfile * addons: mirrors.finalasp.com * base: yum.singlehop.com * centosplus: mirror.web-ster.com * extras: mirrors.finalasp.com * rpmforge: fr2.rpmfind.net * updates: mirror.trouble-free.net addons| 951 B00:00 base | 2.1 kB 00:00 centosplus| 1.9 kB 00:00 extras| 2.1 kB 00:00 rpmforge | 1.1 kB 00:00 updates | 1.9 kB 00:00 Excluding Packages in global exclude list Finished 202 packages excluded due to repository priority protections Error: No matching Packages to list [root@desk log]# ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Network Scanner and CentOS 5.5
On Mon, 2011-01-17 at 03:42 +0100, Nicolas Thierry-Mieg wrote: David McGuffey wrote: On Sat, 2011-01-08 at 15:19 -0600, Barry Brimer wrote: RHEL/CentOS have very old packages for HP printer/scanner support, although there will be a vastly updated version available in 5.6. I just got a new All-in-One e709a to work across the network with the packages from rpmforge. You can use rpmforge through yum, or download the packages directly at http://packages.sw.be/hplip/ Once installed, run (as root) hp-setup I have had rpmforge installed for some time. 'yum list hplip' gives me an old 1.x version that is installed. that old version is in centos. Rpmforge now has several repos, packages that upgrade base centos rpms are now in the rpmforge-extras repo. This includes hplip which is at 3.10.6 in rpmforge-extras. See http://lists.rpmforge.net/pipermail/users/2010-November/003411.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos With CentOS 6 coming out one day, I think I'll wait...migrate to 6, then revisit getting the HP Photosmart 3210 All-in-One to scan and fax. But I will keep your guidance in mind. Thanks. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Network Scanner and CentOS 5.5
On Sat, 2011-01-08 at 15:19 -0600, Barry Brimer wrote: I've been to the sane site and looked at the backends. The HP 3210 is supported by hpio and there is a note that hpio is no longer needed because the functionality has been rolled int hplip. yum shows hplip is installed: hplip.x86_64 1.6.7-4.1.el5.4 installed iptables allows all outbound and established. Anyone successfully scanning from an HP Photosmart network printer? RHEL/CentOS have very old packages for HP printer/scanner support, although there will be a vastly updated version available in 5.6. I just got a new All-in-One e709a to work across the network with the packages from rpmforge. You can use rpmforge through yum, or download the packages directly at http://packages.sw.be/hplip/ Once installed, run (as root) hp-setup Barry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos I have had rpmforge installed for some time. 'yum list hplip' gives me an old 1.x version that is installed. I obtained hplip-3.10.9 from sourceforge hplip project. When I run it here is the output: DISTRO/OS CONFIRMATION -- Distro appears to be CentOS 5.5. Is CentOS 5.5 your correct distro/OS and version (y=yes*, n=no, q=quit) ? y SELECT HPLIP OPTIONS You can select which HPLIP options to enable. Some options require extra dependencies. Do you wish to enable 'Network/JetDirect I/O' (y=yes*, n=no, q=quit) ? y Do you wish to enable 'Graphical User Interfaces (Qt4)' (y=yes*, n=no, q=quit) ? y Do you wish to enable 'PC Send Fax support' (y=yes*, n=no, q=quit) ? y Do you wish to enable 'Scanning support' (y=yes*, n=no, q=quit) ? y Do you wish to enable 'HPLIP documentation (HTML)' (y=yes*, n=no, q=quit) ? y ENTER ROOT/SUPERUSER PASSWORD - Please enter the root/superuser password: Password accepted RUNNING PRE-INSTALL COMMANDS OK INSTALL MISSING OPTIONAL DEPENDENCIES - warning: There are 8 missing OPTIONAL dependencies. note: Installation of dependencies requires an active internet connection. warning: Missing REQUIRED dependency for option 'network': libnetsnmp-devel (libnetsnmp-devel - SNMP networking library development files) warning: This installer cannot install 'libnetsnmp-devel' for your distro/OS and/or version. warning: Option 'network' has been turned off. warning: Missing REQUIRED dependency for option 'gui_qt4': pyqt4-dbus (PyQt 4 DBus - DBus Support for PyQt4) warning: This installer cannot install 'pyqt4-dbus' for your distro/OS and/or version. warning: Option 'gui_qt4' has been turned off. warning: Missing REQUIRED dependency for option 'gui_qt4': pyqt4 (PyQt 4- Qt interface for Python (for Qt version 4.x)) warning: This installer cannot install 'pyqt4' for your distro/OS and/or version. warning: Option 'gui_qt4' has been turned off. warning: Missing OPTIONAL dependency for option 'gui_qt4': policykit (PolicyKit - Administrative policy framework) warning: This installer cannot install 'policykit' for your distro/OS and/or version. warning: Missing REQUIRED dependency for option 'fax': python-dbus (Python DBus - Python bindings for DBus) warning: This installer cannot install 'python-dbus' for your distro/OS and/or version. warning: Option 'fax' has been turned off. warning: Missing OPTIONAL dependency for option 'fax': reportlab (Reportlab - PDF library for Python) warning: This installer cannot install 'reportlab' for your distro/OS and/or version. warning: Missing REQUIRED dependency for option 'scan': sane-devel (SANE - Scanning library development files) warning: This installer cannot install 'sane-devel' for your distro/OS and/or version. warning: Option 'scan' has been turned off. warning: Missing OPTIONAL dependency for option 'scan': pil (PIL - Python Imaging Library (required for commandline scanning with hp-scan)) warning: This installer cannot install 'pil' for your distro/OS and/or version. warning: Missing OPTIONAL dependency for option 'base': cups-ddk (CUPS DDK - CUPS driver development kit) warning: This installer cannot install 'cups-ddk' for your distro/OS and/or version. READY TO BUILD AND INSTALL -- Ready to perform build and install. Press enter to continue or 'q' to quit: using yum to find these dependency turns up a lot of package not found messages. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Network Scanner and CentOS 5.5
I have an HP Photosmart 3210 All-in-One color printer. Printing works great, but I cannot get xsane to locate it on the local subnet. I've been to the sane site and looked at the backends. The HP 3210 is supported by hpio and there is a note that hpio is no longer needed because the functionality has been rolled int hplip. yum shows hplip is installed: hplip.x86_64 1.6.7-4.1.el5.4 installed Everything is on an internal nat address space. Host is at .1, Photosmart is at .251 /etc/services contains an entry for sane-port xinet.d/ has a file for sane and sane-port (both identical) iptables allows all outbound and established. I've gone through several sets of guidance found on the Intenet. Almost all is for usb or scsi. Very little guidance on sane-net. Finally found one good set of guidance and followed it to configure dll.conf, and net.conf. I've looked at sane.net man page untill I'm cross-eyed. Anyone successfully scanning from an HP Photosmart network printer? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Network Scanner and CentOS 5.5
On Sat, 2011-01-08 at 10:51 -0500, David McGuffey wrote: I have an HP Photosmart 3210 All-in-One color printer. Printing works great, but I cannot get xsane to locate it on the local subnet. I've been to the sane site and looked at the backends. The HP 3210 is supported by hpio and there is a note that hpio is no longer needed because the functionality has been rolled int hplip. yum shows hplip is installed: hplip.x86_64 1.6.7-4.1.el5.4 installed Forgot...xsane.x86_64 is also installed Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] yum update and iptables
I'm doing some testing in a lab which is isolated from the rest of my network (DMZ). I'm doing both inbound and outbound filtering at the firewall (CentOS +iptables). What protocols, ports and destination IP addresses does yum use to identify updates, and then actually go get them for installation? Looking at yum.conf and wireshark data, yum appears to go to a central site, look up the closest mirrors, then query the mirrors for the latest updates. Using wireshark it appears that http and tcp are used, but the addresses are all over the place (many mirrors). Is there a way to restrict the outbound traffic to a small number of mirrors? In other words, can I force yum to only check certain sites? If that is not so easy, I should be able to restrict the outbound traffic to a small set of addresses (yes/no?). DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] selinux with samba
I just set up samba to support some Win7 VMs on top of CentOS 5.5. Recommend you read the first page or so of the smb.conf file in /etc/samba. It gives guidance on what to do to ensure SELinux doesn't get in the way. I try to place my shares in something like /var/local/share and avoid any system directories or /home. One can place shares there, but they can be a pita to maintain and can present security risks. Dave M On Fri, 2010-09-17 at 09:22 -0400, Phil Schaffner wrote: Geert Batsleer wrote on 09/17/2010 09:14 AM: I'm having problems setting up a samba server with sellinux in centos 5.6 (x64). My samba config works flawlessly when selinux is disabled but fails to access shares when selinux is enabled. Wich command makes it possible to run samba with selinux without disabling it, now I've done: set sebool -P smbd_disable_trans 1 but doesn't really solve my problem. See the SELinux Wiki article, Section 7: http://wiki.centos.org/HowTos/SELinux Phil ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Need tip on an inexpensive printer for college student using CentOS 5.5
On Tue, 2010-08-17 at 22:06 -0400, David McGuffey wrote: On Mon, 2010-08-16 at 16:30 -0700, John R Pierce wrote: On 08/16/10 4:23 PM, Utt, Lyle wrote: I run a Brother HL-2040 by usb cable at home. Works fine out of the box. and its replacement HL-2140 is $79 at Amazon http://www.amazon.com/Brother-HL-2140-Personal-Laser-Printer/dp/B0010Z1W06 has linux CUPS and LPR drivers http://welcome.solutions.brother.com/bsc/public_s/id/linux/en/index.html and uses the same TN-360 2500 page toners as my MFC... After reading numerous responses and checking with linuxprinting (now openprinting) I'll probably try to find a Brother BW laser and avoid the inkjet models. The boy has in the past, saved the files to a USB stick, gone to a campus computer lab (they are in nearly every building these days), and printed there. Since he lives off-campus, that is about the same PITA as rebooting to Win7 and using MS Office to print the document(s). The low-end Cannon printer he has came bundled with the laptop through the campus bookstore (his freshman year). Hind-sight is always 20-20, and knowing what I know now, I would not have allowed him to purchase the bundle. The younger son (2 years behind) went to school with a Mac, no printer, and prints from the campus network. Thanks to all who responded. Ended up with a Brother HL-2170W. Downloaded the PPD file and put it in the right place, and it just worked with CUPS on the usb cable. Thanks again...and this is a reminder why the CentOS mailing list is such a good deal. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Best location in filesystem to have a samba share
Everyone in the family has a digital camera or cell phone and they seem to be leaving picture files all over their home folders, and laptops with no sense of year/month/day taken or what they are about. Looking to consolidate all the family pics in one location on a samba share on the primary workstation that happens to have 2TB of mirrored storage. This is all behind a firewall that blocks smb protocols in and out, and the iptables on the primary workstation will be set to only allow smb to/from specific family laptops. I have read the manuals...so I know one can get samba and selinux to dance together. But...I don't really want to set a boolean so that all the /home folders can be shared. Would rather create a separate folder and give it the correct selinux context, but there is a warning to be careful to not use a system folder because they already have the proper selinux contexts. So...if one were to create a new folder and share it out via samba, where would be the best location to create it so as to not conflict with the selinux contexts of the distro? /usr/share? /usr/local/share? /usr/mnt? somewhere in /var? or somewhere else? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kvm as non-root user
Yes, I already get that output. I also made sure that the xml scripts and the VM images are not root:root, but root:kvm. I'm using the Virtual Machine Manager GUI as the interface...that is where I get challenged for the root pw. Maybe I need to go to create a script that runs qemu-kvm as the regular user to start the VMs. Dave M On Fri, 2010-07-02 at 18:09 +0530, Arun Khan wrote: On Fri, Jul 2, 2010 at 4:24 PM, David McGuffey davidmcguf...@verizon.net wrote: Tried as I might, I cannot get kvm on CentOS 5.4 to run as a non-root user. Post the error message. Have Googled and followed guidance I've found (put the regular user in the kvm group, change permissions on several files, etc.). Anyone have decent (e.g., working) guidance on how to do this? The output of ls -l /dev/kvm should be like this: crw-rw+ 1 root kvm 10, 232 2010-07-02 09:27 /dev/kvm I have not had to do anything special as long as the non root user is member of kvm group. HTH -- Arun Khan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ESXi, KVM or Xen?
On Sat, 2010-07-03 at 11:52 +0800, Emmanuel Noobadmin wrote: 2. Security Some sites point out that KVM VM runs in userspace as threads. So a compromised guest OS would then give intruder access to the system as well as other VMs. Should I really be concerned or are these worries only for extreme situations and that KVM is viable for normal production situations? Are there other things I should be aware of? As I understand it each VM under kvm has a different SELinux context. Breaking into one VM doesn't give you the context to manipulate another. One would have to go back out through the network to attack the next VM...and if you have decent logging and IDS the noise should be seen/detected. I went with kvm specifically because it is integrated into SELinux. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kvm as non-root user
On Sat, 2010-07-03 at 07:58 -0400, David McGuffey wrote: Yes, I already get that output. I also made sure that the xml scripts and the VM images are not root:root, but root:kvm. I'm using the Virtual Machine Manager GUI as the interface...that is where I get challenged for the root pw. Maybe I need to go to create a script that runs qemu-kvm as the regular user to start the VMs. Dave M On Fri, 2010-07-02 at 18:09 +0530, Arun Khan wrote: On Fri, Jul 2, 2010 at 4:24 PM, David McGuffey davidmcguf...@verizon.net wrote: Tried as I might, I cannot get kvm on CentOS 5.4 to run as a non-root user. Post the error message. Have Googled and followed guidance I've found (put the regular user in the kvm group, change permissions on several files, etc.). Anyone have decent (e.g., working) guidance on how to do this? The output of ls -l /dev/kvm should be like this: crw-rw+ 1 root kvm 10, 232 2010-07-02 09:27 /dev/kvm I have not had to do anything special as long as the non root user is member of kvm group. HTH -- Arun Khan In /usr/bin, here is what I find. -rwxr-xr-x 1 root root 9230 Apr 2 22:31 virt-clone -rwxr-xr-x 1 root root 10322 Apr 2 22:31 virt-convert -rwxr-xr-x 1 root root 12000 Apr 2 22:31 virt-image -rwxr-xr-x 1 root root 34482 Apr 2 22:31 virt-install lrwxrwxrwx 1 root root 20 May 16 22:34 virt-manager - ../bin/consolehelper -rwxr-xr-x 1 root root 34040 Sep 3 2009 virt-viewer -rwxr-xr-x 1 root root 3505 Mar 31 05:02 virt-xml-validate And looking through the virsh manual, here is what I find: Most virsh commands require root privileges to run due to the communications channels used to talk to the hypervisor. Running as non root will return an error. Seems all paths to managing VMs has to go through root. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] kvm as non-root user
Tried as I might, I cannot get kvm on CentOS 5.4 to run as a non-root user. Have Googled and followed guidance I've found (put the regular user in the kvm group, change permissions on several files, etc.). Anyone have decent (e.g., working) guidance on how to do this? Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] 2 DVDs for CentOS 5.5
Just finished downloading the DVD with bittorrent. Ended up with two iso files (1 of 2 and 2 of 2). sha1sum checks out on both. This is the first time I've encountered two DVDs. Will the install politely ask for DVD #2 when it is time? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] 5.4--5.5 Upgrade broke OO 3.2.0
In order to get an OpenOffice configuration that is closer in compatibility with MS Office 2007, I removed the standard OO in 5.4 via yum and installed the latest (3.2.0) from OpenOffice.org. Ran that config for many months without a problem. However, when I allowed the upgrade to 5.5, OO broke. I finally had to remove all traces of OO 3.2.0, and start over. That worked...until yum tells me that there are updates to apply, which includes an OO update. Not thinking, I allowed the updates and the OO update broke OO 3.2.0 again. The update is: openoffice.org-ure-3.1.1-19.5.el5.x86_64 updates openoffice.org-ure-1.6.0-9483.x86_64 I had to repeat the removal and reinstallation of OO to recover. Now I watch the updates more closely and don't allow the OO update to come in. Not complaining...just a warning to the community of the challenge one often encounters by running software that is not part of the standard distribution. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] sudo for Virtual Machine Manager
I've done everything stated in the various guidance to get a regular user to use virt-manager (graphical Virtual Machine Manager) under CentOS 5.4 with KVM. Placing the user in the kvm group and changing permissions on several files to include kvm has not worked...the user still needs to enter the root password to use the graphical VMM. I thought of pressing sudo into service for this task. Anyone think this will work? Anyone got a better way? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Block network at logoff on workstation
On Thu, 2010-02-04 at 09:19 -0500, Ross Walker wrote: On Feb 3, 2010, at 9:36 PM, David McGuffey davidmcguf...@verizon.net wrote: I'm trying to reduce the attack surface to a home machine that is always on and connected to the Internet. It is running CentOS 5.4, with tight iptables rules and sits behind a Verizon FiOS firewall/switch also configured with tight rules. I was wondering how to best block all network access to it when I log off...then unblock it when I log on. Changing iptables requires root access...as does running ifdown and ifup scripts. I could change the permissions on ifdown and ifup and run them from the login/logout scripts, but I'd prefer not to do that. Any tips? Set iptables to block all inbound traffic unless initiated from your workstation. It's the most secure, all the time. -Ross It is already set up that way...but I was thinking about taking the interface down if no one is logged into the console (this is a workstation used as a home computer and not supporting any network servers). I was thinking of a cron job that would run 'who' and if there were no active logins, run 'ifdown eth0' DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization - what do You recommend?
On Tue, 2010-02-02 at 11:51 -0500, Max Hetrick wrote: Bobby wrote: Odd, for some time I have had USB support with Sun's Virtualbox. It was a problem at some point but works fine here (Using Fedora 11). I'm pretty sure I watched a USB CAM on XP (as a VM client) a while ago. Well, it's supported and works, however, you have to remount usbfs and chmod a file or two, and then it works in VirtualBox. So it's more of a bug I guess than unsupported. Max I'm using CentOS 5.4 x86_64 with KVM. Have created several Windows VMs. USB, CDROM, and virtual hard disks all work in it. Seems rock solid to me so far. The VMs and their xml descriptor files are easy to back up. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Rolodex for linux
On Mon, 2010-01-18 at 20:36 -0500, Stephen Harris wrote: On Mon, Jan 18, 2010 at 07:52:53PM -0500, David McGuffey wrote: As I migrate away from Windows, I need to move the data out of my old rolodex program (written in Pascal back in the late 80's) into something that runs on Linux. The data is stored in csv lines in a text file. If it was a form of Borland/Turbo Pascal and you still have the source code then you might be able to run it under Free Pascal on Linux directly :-) http://www.freepascal.org/ Thanks...and yes it was from the Borland/Turbo Pascal package. I'll have to see if I can find the source. It is probably on 5/25 floppies (and yes, I still have one of those old drives installed on another machine). Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Rolodex for linux
As I migrate away from Windows, I need to move the data out of my old rolodex program (written in Pascal back in the late 80's) into something that runs on Linux. The data is stored in csv lines in a text file. That old custom program output the data to rolodex cards on a pin-feed dot matrix printer. (Yea...I'm dating myself). Anyway, does anyone know of a decent rolodex program on linux that also has the capability of printing to the 3.5 wide rolodex cards? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] College student printer for CentOS 5.4 x86_64?
On Sat, 2009-12-19 at 18:40 -0500, Stephen Harris wrote: On Sat, Dec 19, 2009 at 06:33:18PM -0500, David McGuffey wrote: Yes, I checked that site. The printer is a USB Cannon IP1800. Chasing links I found at linuxprinting I had to go to Japan to get a driver, but it wouldn't work. Try http://software.canon-europe.com/software/0027213.asp?model= (found from http://software.canon-europe.com/products/0010455.asp ) Even includes a nice rpm which has a cups PPD driver :-) No joy: When I start to install with rpm, here is what I get: Missing Dependency: cnijfilter-common = 2.70 is needed by package cnijfilter-ip1800series-2.70-1.i386 (/cnijfilter-ip1800series-2.70-1.i386) Missing Dependency: libxml.so.1 is needed by package cnijfilter-ip1800series-2.70-1.i386 (/cnijfilter-ip1800series-2.70-1.i386) I'm using x86_64, and not keen about installing i386 packages. Any incompatibility issues with running i386 packages on a 64 bit CentOS? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] College student printer for CentOS 5.4 x86_64?
On Sat, 2009-12-19 at 10:52 +0100, Louis Lagendijk wrote: On Fri, 2009-12-18 at 20:20 -0500, David McGuffey wrote: Oldest son came back from college and wants a printer for his Dell laptop. I built it with CentOS 5.3 x86_64 several months ago and will upgrade it to 5.4 The Cannon printer he now has (bought with the laptop and Vista through the university book store), doesn't seem to have linux drivers. what model printer is this? Did you check http://www.linuxprinting.org? You may also want to take a look at turboprint www.turboprint.info , it is commercial, but offer good quality drivers for a lot of printers. It will still be cheaper than to buy a new printer Yes, I checked that site. The printer is a USB Cannon IP1800. Chasing links I found at linuxprinting I had to go to Japan to get a driver, but it wouldn't work. My HP Photosmart 3210 (ethernet) at home works on CentOS. I may give him that one, and buy a new printer for CINC House and me. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] College student printer for CentOS 5.4 x86_64?
Oldest son came back from college and wants a printer for his Dell laptop. I built it with CentOS 5.3 x86_64 several months ago and will upgrade it to 5.4 The Cannon printer he now has (bought with the laptop and Vista through the university book store), doesn't seem to have linux drivers. I built the machine with Vista and CentOS in dual-boot, so he could manage his iTunes and use the printer under Vista. He does almost all his college work under CentOS. Most of his papers are submitted electronically, but occasionally he has to print one. What would the community recommend? His needs are simple...mostly BW papers. On rare occasions he needs to print a paper with color photos/graphs embedded. Not looking to spend a lot, just enough to satisfy the requirement. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum quit working in CentOS 5.4 x86_64
On Mon, 2009-12-14 at 03:45 -0800, John Doe wrote: From: David McGuffey davidmcguf...@verizon.net Have been running 5.4 x86_64 for a couple of months now. Every once in a while, I would get a notice that updates were available. It appears that about 3 weeks ago, yum stopped notifying me of updates. Over that time, I've manually done a 'yum update' from a command line, with an output that there are no updates. I know this cannot be true, because I watch the 'centOS-announce Digest' messages come through and see that there are updates for my installation. Did you check that those digest takled about a Centos 5 version of an application specificaly installed on your server...? The latests updates I have in my local repository are from November the 28th... kdelibs-devel-3.5.4-25.el5.centos.1.x86_64.rpm kdelibs-devel-3.5.4-25.el5.centos.1.i386.rpm kdelibs-3.5.4-25.el5.centos.1.x86_64.rpm kdelibs-3.5.4-25.el5.centos.1.i386.rpm kdelibs-apidocs-3.5.4-25.el5.centos.1.x86_64.rpm kexec-tools-1.102pre-77.el5.3.x86_64.rpm system-config-lvm-1.1.5-1.0.el5_4.1.noarch.rpm openswan-doc-2.6.21-5.el5_4.1.x86_64.rpm openswan-2.6.21-5.el5_4.1.x86_64.rpm xterm-215-8.el5_4.1.x86_64.rpm metacity-2.16.0-12.el5_4.1.x86_64.rpm metacity-2.16.0-12.el5_4.1.i386.rpm Here is what my logs show for the last three updates that ran successfully: Nov 14 10:02:13 Updated: 1:libvorbis-1.1.2-3.el5_4.4.x86_64 Nov 14 10:02:13 Installed: libmpeg2-0.5.1-2.el5.rf.x86_64 Nov 14 10:02:14 Installed: libmpeg2-utils-0.5.1-2.el5.rf.x86_64 Nov 14 10:02:17 Updated: httpd-2.2.3-31.el5.centos.2.x86_64 Nov 14 10:02:17 Updated: dbus-python-0.70-9.el5_4.x86_64 Nov 14 10:02:18 Updated: 1:libvorbis-1.1.2-3.el5_4.4.i386 Nov 14 10:02:19 Updated: 1:libvorbis-devel-1.1.2-3.el5_4.4.i386 Nov 14 10:02:19 Updated: 1:libvorbis-devel-1.1.2-3.el5_4.4.x86_64 Nov 14 10:02:19 Erased: mpeg2dec Nov 17 21:26:08 Installed: aide-0.13.1-4.el5.x86_64 Nov 24 22:04:43 Updated: 1:cups-libs-1.3.7-11.el5_4.4.x86_64 Nov 24 22:04:44 Updated: 1:cups-libs-1.3.7-11.el5_4.4.i386 Nov 24 22:04:52 Updated: 1:cups-1.3.7-11.el5_4.4.x86_64 Nov 27 08:59:17 Installed: twolame-0.3.12-1.el5.rf.x86_64 Nov 27 08:59:18 Updated: gstreamer-plugins-ugly-0.10.11-1.el5.rf.x86_64 Nov 27 08:59:18 Updated: gstreamer-ffmpeg-0.10.6-1.el5.rf.x86_64 Nov 28 08:35:38 Updated: metacity-2.16.0-12.el5_4.1.x86_64 Nov 28 08:35:38 Updated: xterm-215-8.el5_4.1.x86_64 Nov 28 08:35:39 Updated: kexec-tools-1.102pre-77.el5.3.x86_64 Nov 28 08:35:41 Updated: system-config-lvm-1.1.5-1.0.el5_4.1.noarch Nov 28 08:35:47 Updated: metacity-2.16.0-12.el5_4.1.i386 So...maybe I'm just an IA guy with a worrying problem. I'm used to my Windoze boxes updating nearly every time I boot them. I'm also used to Fedora 10 and 11 which seem to have updates every two or three days. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] yum quit working in CentOS 5.4 x86_64
Have been running 5.4 x86_64 for a couple of months now. Every once in a while, I would get a notice that updates were available. It appears that about 3 weeks ago, yum stopped notifying me of updates. Over that time, I've manually done a 'yum update' from a command line, with an output that there are no updates. I know this cannot be true, because I watch the 'centOS-announce Digest' messages come through and see that there are updates for my installation. I tried 'yum clean all' followed by another 'yum update' and still no updates are listed as available. I have the priorities plugin installed and here is the output I get: [r...@desk ~]# yum update Loaded plugins: fastestmirror, priorities Loading mirror speeds from cached hostfile * addons: ftp.lug.udel.edu * base: mirror.rackspace.com * centosplus: mirrors.netdna.com * extras: ftp.lug.udel.edu * rpmforge: fr2.rpmfind.net * updates: mirrors.adams.net 598 packages excluded due to repository priority protections Setting up Update Process No Packages marked for Update [r...@desk ~]# Here is the contents of CentOS-Base.repo: [r...@desk yum.repos.d]# cat CentOS-Base.repo # CentOS-Base.repo # # The mirror system uses the connecting IP address of the client and the # update status of each mirror to pick mirrors that are updated to and # geographically close to the client. You should use this for CentOS updates # unless you are manually picking other mirrors. # # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # # [base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releaseverarch= $basearchrepo=os #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 priority=1 #released updates [updates] name=CentOS-$releasever - Updates mirrorlist=http://mirrorlist.centos.org/?release=$releaseverarch= $basearchrepo=updates #baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/ enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 priority=1 #packages used/produced in the build but not released [addons] name=CentOS-$releasever - Addons mirrorlist=http://mirrorlist.centos.org/?release=$releaseverarch= $basearchrepo=addons #baseurl=http://mirror.centos.org/centos/$releasever/addons/$basearch/ enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 priority=1 #additional packages that may be useful [extras] name=CentOS-$releasever - Extras mirrorlist=http://mirrorlist.centos.org/?release=$releaseverarch= $basearchrepo=extras #baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/ enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 priority=1 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus mirrorlist=http://mirrorlist.centos.org/?release=$releaseverarch= $basearchrepo=centosplus #baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/ enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 priority=2 #contrib - packages by Centos Users [contrib] name=CentOS-$releasever - Contrib mirrorlist=http://mirrorlist.centos.org/?release=$releaseverarch= $basearchrepo=contrib #baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/ enabled=0 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5 priority=2 [r...@desk yum.repos.d]# What is wrong? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fedora 11 i386 Evolution address book -- CentOS 5.4 x86_64 (Solved)
On Sun, 2009-11-29 at 10:32 -0500, Lanny Marcus wrote: On Sat, Nov 28, 2009 at 7:00 PM, David McGuffey davidmcguf...@verizon.net wrote: snip Maybe I should check to see if Evolution on F11 can export the db into something that Evolution on 5.4 can import. Yes. If you are lucky, that will work OK. Possibly you can find some information on the Novell support site. Sounds like you are moving from a newer to an older Evolution and need backward compatibility. GL I exported the newer (F11) Evolution address book to vcf, then created a new address book on the older (CentOS) Evolution, then imported the vcf into it. All is well. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] AIDE or OSSEC on CentOS 5.4 x86_64?
On Sun, 2009-11-29 at 20:31 +, John Horne wrote: On Sat, 2009-11-28 at 18:57 -0500, David McGuffey wrote: Starting with a fresh load and after I finish hardening the load following the Center for Internet Security (CIS) guidance, I'm wondering whether AIDE or OSSEC would be a better intrusion detection system. I installed AIDE and did a quick test of AIDE and after initializing the db and applying the recent cups update, I found that 1700+ files had changed. Those are a lot of changes to wade through to determine if they are legit or not. If that is all that AIDE can do, then it is not manageable. Seems to me that any IDS must be tied to the yum update process so that one is not dealing with hundreds/thousands of changes that were brought in by a yum update that I choose to apply. Is OSSEC any less noisy? More so as far as I can tell. Don't forget that prelinking will cause files to regularly change their hash value whether they have been updated or not. Aide does have a patch to cater for prelinking (as far as I know it is not in the current release so you'll have to search their archives for it). OSSEC does not know about prelinking, so will frequently report files having changed. Shameless plug: You could take a look at rootkit hunter (http://sourceforge.net/projects/rkhunter/), its file properties testof knows about prelinking and can use the local RPM database to verify files, so an updated file won't be flagged as having changed unless someone has deliberately changed it. Another alternative is Samhain. As far as I remember it can handle prelinking, but will report updated files as having been changed. Thanks. I'm not looking for a tech solution so I can sit on my butt and let the tools do their magic. What bothered me was that I did the install, configured the load the way I wanted it, ran AIDE to init the db. A couple of days later, the CentOS list informed us that cups needed to be updated. I did the update and immediately ran AIDE to see what changed. That cups update changed nearly 1,700 files. That caused me to think...there should be a way to tie the IDS to the patching (that I deliberately authorized), so that the changes related to the patching are either ignored, or collected at the end of the report under the header something like: The following changes appear to be tied to authorized patching activity...if you did not authorize these changes, then find out why they changed... I still want to see the changes, but it would be nice to see the ones I authorized through the update service to be partitioned off from the ones that seem to have no reasonable explanation. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Fedora 11 i386 Evolution address book -- CentOS 5.4 x86_64
Finally moved my home desktop from Fedora to CentOS. My spouse was unhappy with me upgrading from F9--F10--f11 etc and wanted something more stable. I built a second machine which is now running in parallel to the old F11 desktop. I moved my data (mail and files) from the F11 box to the CentOS 5.4 box. I used tar to move everything. Mail and files transferred A-OK...but the Evolution address book did not. Any tips on getting the old /home/.../.evolution/addressbook which worked with the version of Evolution on the new machine with an older version of Evolution? BTW, on CentOS, I cannot add new addresses to the address book. User_id on the new machine is the same as on the old machine, so perms should not be the problem. I checked the selinux context and it is the same as everything else in /home If I do a forced reinstall of Evolution would it mess up the mail files? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] AIDE or OSSEC on CentOS 5.4 x86_64?
Starting with a fresh load and after I finish hardening the load following the Center for Internet Security (CIS) guidance, I'm wondering whether AIDE or OSSEC would be a better intrusion detection system. I installed AIDE and did a quick test of AIDE and after initializing the db and applying the recent cups update, I found that 1700+ files had changed. Those are a lot of changes to wade through to determine if they are legit or not. If that is all that AIDE can do, then it is not manageable. Seems to me that any IDS must be tied to the yum update process so that one is not dealing with hundreds/thousands of changes that were brought in by a yum update that I choose to apply. Is OSSEC any less noisy? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] errors on multimedia guidance for x86_64
On Tue, 2009-11-10 at 09:24 +0100, Nicolas Thierry-Mieg wrote: David McGuffey wrote: On Mon, 2009-11-09 at 07:09 -0500, Steve Huff wrote: On Nov 8, 2009, at 10:43 PM, David McGuffey wrote: -- Finished Dependency Resolution gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 from rpmforge has depsolving problems -- Missing Dependency: libfaad.so.0()(64bit) is needed by package gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 (rpmforge) snip First question: Is the guidance for multimedia accurate for an 5.4 x86_64 load? Second question: is rpmforge fully ready for 5.4? this is a known issue; Dag has been working on fixing it over the weekend: http://lists.rpmforge.net/pipermail/users/2009-November/002797.html So...are the gstreamer-plugins in rpmforge ready for 5.4? i was just able to install gstreamer-plugins-bad on a 5.4 i386 host. -steve I'm running 5.4 x86_64, so maybe I'll have to wait for the rpmforge to catch up. everything seems fixed this morning (C5 x86_64), at least on the mirror I use. Try again, if it fails try a different mirror. I forced a re-install and all seems to be working, but I get an SELinux alert that tells me it is blocking /usr/lib64/gstreamer-0.10/libgstffmpeg.so because it requires text location. I went ahead an used audit2allow to make an exception for this shared library. Not exactly what I wanted to do and I'm hoping that this gets fixed in the upstream work. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization option at first install CentOS-5.4 x86_64
On Sat, 2009-11-07 at 23:32 -0600, Les Mikesell wrote: David McGuffey wrote: I tried VMWare's EXSi 4.0 on bare metal, and failed. Then I tried VirtualBox on CentOS 5.3 and failed. What did these fail to do? Sorry it has taken so long to get back. After screwing around for weeks trying to get a motherboard that at least was on the unofficial white list, I did get EXSi 4.0 to load. It was then that I realized I needed a separate Windoze workstation to load the vSphere to manage the VMs. I could only dedicate one machine to the virtualization testing. Then I tried VB on CentOS 5.3. For some reason, I couldn't get it to create a VM. So... I reloaded the machine with CentOS 5.4 (it had come out during my test), and selected 'kvm' during the install. That worked great. At work, I loaded VB onto a Windoze XP Pro load and it locked up the machine. Corporate IT had to re-image it...along with a warning to me about mucking with their standard load. Tonight, I just loaded VB onto Windoze XP 64. The load went OK, but when I created a VM for CentOS 5.4 (text mode), it hangs trying to bring up the network. That is the second failure I've had with VM. Tomorrow I'm going to remove VB from the XP 64 load and install VMWare Server. At this point in time, the only virtualization tool that loaded and 'just worked' has been kvm under CentOS 5.4. And...this is only a Technology Preview by Red Hat. For a TP, I'm impressed. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization option at first install CentOS-5.4 x86_64
On Mon, 2009-11-09 at 10:18 +0100, Mathieu Baudier wrote: I selected one virtual CPU for the XP load...primarily because I want to run a couple more VMs and the guidance was to allocate one real CPU per VM. My understanding is that Win XP will perform a fundamentally different install depending on whether it detects 1 or many CPU. So if you ever plan to reuse your VM with many CPUs, you should install it with many right away (and follow the tip above: install as Windows Vista, not XP). I had this problem with a Win XP VM that I installed with pre v3.0 versions of VirtualBox: after VBox introduced SMP I could not use the multi-processor feature since XP had been installed with one processor. Anyhow, now that I'm using KVM, for my test desktop VMs I tend to allocate a total of CPUs across the VMs higher than the number of my physical CPUs, since they rarely need CPU power at the same time but I want them to be able to run very smoothly if needed. run a couple more VMs and the guidance was to allocate one real CPU per Which guidance are you talking about? In the Red Hat 5 Virtualization documentation it seems to strongly recommends having at least one physical cpu per VM. Since I have a quad core and I want to run the host plus 2-3 VMs, I decided give each VM one virtual cpu. Maybe I was too cautious. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux and KVM
On Mon, 2009-11-09 at 23:31 +0100, Kai Schaetzl wrote: James B. Byrne wrote on Mon, 9 Nov 2009 14:48:50 -0500 (EST): I am afraid I am not seeing the logic behind this sort of install cockup. If qemu is not supposed to be used at all then why is it even available because you enabled rpmforge and installed qemu. *You* did that, not CentOS. I suppose you were going by some tutorial that isn't quite right (anymore)? = Installing: kvmx86_6483-105.el5_4.9 updates 828 k Installing for dependencies: celt051x86_640.5.1.3-0.el5base 51 k etherboot-zroms-kvmx86_645.4.4-10.el5.centos base 126 k kmod-kvm x86_6483-105.el5_4.9 updates 1.2 M libogg x86_642:1.1.3-3.el5base 18 k log4cppx86_641.0-4.el5base 506 k mesa-libGLUx86_646.5.1-7.7.el5base 225 k qcairo x86_641.8.7.1-3.el5base 499 k qffmpeg-libs x86_640.4.9-0.15.20080908.el5 base 273 k qpixmanx86_640.13.3-4.el5 base 109 k qspice-libsx86_640.3.0-39.el5_4.3 updates 228 k see any sign of qemu? I did the same for virt-manager. Again, no sign of qemu. I suggest you go to the centos-virt list, your questions are all virtualization- specific. Maybe the archive already helps? Kai Don't be so hard on him. I did a vanilla install of 5.4 x86_64 and selected 'kvm' as a custom package during install. I didn't go to rpmforge and get any other virtualization tools. kvm and Virtual Machine Manager (the RHEL graphical interface to libvirt) just worked...created a VM with WinXP A-OK. I do get an sealert from qemu-kvm...so qemu must be embedded in whatever comes with the 'kvm' selection at install time. I posted the following sealert on the selinux-list: Summary: SELinux is preventing qemu-kvm (qemu_t) read to sh (bin_t). Detailed Description: SELinux denied access requested by qemu-kvm. It is not expected that this access is required by qemu-kvm and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for sh, restorecon -v 'sh' If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:qemu_t:SystemLow-SystemHigh Target Contextsystem_u:object_r:bin_t Target Objectssh [ lnk_file ] Sourceqemu-kvm Source Path /usr/libexec/qemu-kvm Port Unknown Host desk Source RPM Packages kvm-83-105.el5_4.9 Target RPM Packages Policy RPMselinux-policy-2.4.6-255.el5_4.1 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing ModeEnforcing Plugin Name catchall_file Host Name desk Platform Linux desk 2.6.18-164.6.1.el5 #1 SMP Tue Nov 3 16:12:36 EST 2009 x86_64 x86_64 Alert Count 1 First SeenMon 09 Nov 2009 09:59:41 PM EST Last Seen Mon 09 Nov 2009 09:59:41 PM EST Local ID f52a188e-0710-4238-86ce-af3beb90c318 Line Numbers Raw Audit Messages host=desk type=AVC msg=audit(1257821981.730:53): avc: denied { read } for pid=4947 comm=qemu-kvm name=sh dev=sdc5 ino=3156772 scontext=system_u:system_r:qemu_t:s0-s0:c0.c1023 tcontext=system_u:object_r:bin_t:s0 tclass=lnk_file host=desk type=SYSCALL msg=audit(1257821981.730:53): arch=c03e syscall=59 success=no exit=-13 a0=31a311f873 a1=7fff15506380 a2=7fff15509f00 a3=31a3e16220 items=0 ppid=4900 pid=4947 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=qemu-kvm exe=/usr/libexec/qemu-kvm subj=system_u:system_r:qemu_t:s0-s0:c0.c1023 key=(null) Bottom line is that qemu-kvm is present in the 5.4 x86_64 release. And there does seem to be a problem with the policy. Documentation states one should be
Re: [CentOS] errors on multimedia guidance for x86_64
On Mon, 2009-11-09 at 07:09 -0500, Steve Huff wrote: On Nov 8, 2009, at 10:43 PM, David McGuffey wrote: -- Finished Dependency Resolution gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 from rpmforge has depsolving problems -- Missing Dependency: libfaad.so.0()(64bit) is needed by package gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 (rpmforge) libquicktime-1.1.3-1.el5.rf.x86_64 from rpmforge has depsolving problems -- Missing Dependency: libfaad.so.0()(64bit) is needed by package libquicktime-1.1.3-1.el5.rf.x86_64 (rpmforge) Error: Missing Dependency: libfaad.so.0()(64bit) is needed by package libquicktime-1.1.3-1.el5.rf.x86_64 (rpmforge) Error: Missing Dependency: libfaad.so.0()(64bit) is needed by package gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 (rpmforge) You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest The program package-cleanup is found in the yum-utils package. [r...@desk Desktop]# First question: Is the guidance for multimedia accurate for an 5.4 x86_64 load? Second question: is rpmforge fully ready for 5.4? this is a known issue; Dag has been working on fixing it over the weekend: http://lists.rpmforge.net/pipermail/users/2009-November/002797.html So...are the gstreamer-plugins in rpmforge ready for 5.4? i was just able to install gstreamer-plugins-bad on a 5.4 i386 host. -steve I'm running 5.4 x86_64, so maybe I'll have to wait for the rpmforge to catch up. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] errors on multimedia guidance for x86_64
On Sat, 2009-11-07 at 20:44 -0500, David McGuffey wrote: I have a fresh install of 5.4 x86_64 from a dvd .iso. All has worked well for several days, including kvm and WinXP running in a vm. Decided it was time to get the multimedia stuff up and running so I could listen to music CDs and watch DVD movies while working. I followed the guidance on the Tips and Tricks page for multimedia. Had no problem with the priorities or the rpmforge installs. Here is where it went south: [r...@desk Desktop]# yum install libdvdcss libdvdread libdvdplay libdvdnav lsdvd mplayerplug-in mplayer mplayer-gui compat-libstdc++-33 flash-plugin gstreamer-plugins-bad gstreamer-plugins-ugly gstreamer-ffmpeg libquicktime Loaded plugins: fastestmirror, priorities Loading mirror speeds from cached hostfile * addons: yum.singlehop.com * base: mirror.fdcservers.net * extras: mirrors.liquidweb.com * rpmforge: fr2.rpmfind.net * updates: centos.mirror.nac.net 440 packages excluded due to repository priority protections Setting up Install Process ... -- Finished Dependency Resolution gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 from rpmforge has depsolving problems -- Missing Dependency: libfaad.so.0()(64bit) is needed by package gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 (rpmforge) libquicktime-1.1.3-1.el5.rf.x86_64 from rpmforge has depsolving problems -- Missing Dependency: libfaad.so.0()(64bit) is needed by package libquicktime-1.1.3-1.el5.rf.x86_64 (rpmforge) Error: Missing Dependency: libfaad.so.0()(64bit) is needed by package libquicktime-1.1.3-1.el5.rf.x86_64 (rpmforge) Error: Missing Dependency: libfaad.so.0()(64bit) is needed by package gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 (rpmforge) You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest The program package-cleanup is found in the yum-utils package. [r...@desk Desktop]# First question: Is the guidance for multimedia accurate for an 5.4 x86_64 load? Second question: is rpmforge fully ready for 5.4? Dave bump So...are the gstreamer-plugins in rpmforge ready for 5.4? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization option at first install CentOS-5.4 x86_64
On Sun, 2009-11-08 at 14:50 +0100, Mathieu Baudier wrote: I've been doing a lot of research on virtualization (VMWare, EXSi, xen, kvm, VirtualBox, etc.) and ended up choosing kvm. I'm very surprised at how quick I was able to bring up a WinXP VM. # FUTURE OF KVM David, I'm currently doing exactly the same (researching and comparing various virtualization technologies) and I agree that it seems the way to go in the future. Only problem is that virt-manager is pretty hard to use and lacks a lot of features which would be practical. It is better though when using the one in Fedora, connecting to a CentOS box running libvirtd+KVM. What esp. lacks in the virt-manager distributed with CentOS 5.4 is the remote management of storage pools. I guess that the upstream vendor want to keep its proprietary Virtualization Server product attractive... (which is in itself a guarantee that they will keep investing in KVM, see: http://www.redhat.com/v/swf/rhev/demo.html) # WIN XP UNDER QEMU+KVM Regarding running Windows XP, I just wanted to share the following with the list: - when installing Windows XP through virt-manager, if one chooses 'Windows XP' as OS type and chooses more than 1 virtual CPU, some or all of the physical CPUs are used to 100% and the guest is very slow - this seems to be due to a problem where ACPI is not properly activated: https://bugs.launchpad.net/ubuntu/+source/virt-manager/+bug/228442 - the solution is to install it as 'Windows Vista': in that case this is indeed extremely fast, and actually I do not have the pb described in the link above that it cannot shutdown. I'm gathering experience around KVM and I'll probably try to contribute it to the CentOS Wiki when it is more consolidated. I selected one virtual CPU for the XP load...primarily because I want to run a couple more VMs and the guidance was to allocate one real CPU per VM. So far, I'm very impressed with kvm. However, I'm getting an SELinux alert on qemu, and have posted the sealert txt to the selinux-list for resolution. The VM seems to run ok, but I must do so as root, and not a regular user. kvm+qemu on CentOS is supposed to be able to be run as a regular user. The SELinux alert seems to revolve around the admin type (or lack thereof). I'm hoping the SELinux gurus can work it out. In the meantime, I need to figure out how to get the XP VM to access a usb thumbdrive. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization option at first install CentOS-5.4 x86_64
I've been doing a lot of research on virtualization (VMWare, EXSi, xen, kvm, VirtualBox, etc.) and ended up choosing kvm. I'm very surprised at how quick I was able to bring up a WinXP VM. I tried VMWare's EXSi 4.0 on bare metal, and failed. Then I tried VirtualBox on CentOS 5.3 and failed. So I decided to download a fresh CentOS 5.4 iso and see if kvm would work. Since Red Hat has purchased the developer of kvm, I figured y the time it showed up in 5.4 most of the kinks would be worked out. Go with kvm...that appears to be the future for RHEL and CentOS. DaveM On Fri, 2009-11-06 at 13:30 -0500, James B. Byrne wrote: When I choose the virtualization option during the first install of CentOS-5.4 do I get KVM or XEN? Regards, ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization option at first install CentOS-5.4 x86_64
On Fri, 2009-11-06 at 16:21 -0500, James B. Byrne wrote: On Fri, November 6, 2009 13:50, James B. Byrne wrote: Evidently, one gets XEN. I will get kvm from extras and go about installing it manually. # grep 'vmx' /proc/cpuinfo flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm syscall nx lm constant_tsc pni monitor ds_cpl vmx est tm2 cx16 xtpr lahf_lm I installed kvm.x86_64-83-105.el5_4.9 successfully. I also installed virt-manager. I tried to install qemu but failed due to this file conflict: Transaction Check Error: file /usr/share/man/man1/qemu-img.1.gz from install of qemu-0.9.0-4.x86_64 conflicts with file from package kvm-qemu-img-83-105.el5_4.9.x86_64 I infer from this that qemu is NOT required with KVM and that kvm-qemu takes its place. Proceeding to the next stage I tried to load the kvm-module: # modprobe kvm-intel Which fails like this: FATAL: Error inserting kvm_intel (/lib/modules/2.6.18-164.el5/weak-updates/kmod-kvm/kvm-intel.ko): Operation not supported So, what is going on? What am I missing? The CentOS HowTos on kvm do not cover the current kernel insofar as I can see. I checked the 'kvm' box during the install of 5.4 64bit and didn't have to install anything from the extras or rpmforge repos. It just worked right off the iso. DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] USB disks for VMs in kvm, 5.4 x86_64
Have a fresh install of 5.4 x86_64 with kvm. Created a WinXP VM and it works well. Now trying to get the VM to use a usb thumb-dirve. I seemed to have hit a wall trying to figure out how to configure it. Any tips? DaveM ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] errors on multimedia guidance for x86_64
I have a fresh install of 5.4 x86_64 from a dvd .iso. All has worked well for several days, including kvm and WinXP running in a vm. Decided it was time to get the multimedia stuff up and running so I could listen to music CDs and watch DVD movies while working. I followed the guidance on the Tips and Tricks page for multimedia. Had no problem with the priorities or the rpmforge installs. Here is where it went south: [r...@desk Desktop]# yum install libdvdcss libdvdread libdvdplay libdvdnav lsdvd mplayerplug-in mplayer mplayer-gui compat-libstdc++-33 flash-plugin gstreamer-plugins-bad gstreamer-plugins-ugly gstreamer-ffmpeg libquicktime Loaded plugins: fastestmirror, priorities Loading mirror speeds from cached hostfile * addons: yum.singlehop.com * base: mirror.fdcservers.net * extras: mirrors.liquidweb.com * rpmforge: fr2.rpmfind.net * updates: centos.mirror.nac.net 440 packages excluded due to repository priority protections Setting up Install Process ... -- Finished Dependency Resolution gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 from rpmforge has depsolving problems -- Missing Dependency: libfaad.so.0()(64bit) is needed by package gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 (rpmforge) libquicktime-1.1.3-1.el5.rf.x86_64 from rpmforge has depsolving problems -- Missing Dependency: libfaad.so.0()(64bit) is needed by package libquicktime-1.1.3-1.el5.rf.x86_64 (rpmforge) Error: Missing Dependency: libfaad.so.0()(64bit) is needed by package libquicktime-1.1.3-1.el5.rf.x86_64 (rpmforge) Error: Missing Dependency: libfaad.so.0()(64bit) is needed by package gstreamer-plugins-bad-0.10.8-3.el5.rf.x86_64 (rpmforge) You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest The program package-cleanup is found in the yum-utils package. [r...@desk Desktop]# First question: Is the guidance for multimedia accurate for an 5.4 x86_64 load? Second question: is rpmforge fully ready for 5.4? Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux is preventing httpd from loading /usr/local/apache/modules/libphp5.so
Recommend you dump a copy of the selinux error message and send it to the selinux forum. Can't remember the full name off the top of my head but I believe if you google for selinux-list, you will hit it. DaveM On Sat, 2009-11-07 at 14:36 +0700, Ricky Tompu Breaky wrote: Dear my friends... Anybody would be so nice for telling me the solution of my problem. My Apache2 can not start. I find this error in /var/log/messages: Nov 7 14:20:47 cencen setroubleshoot: SELinux is preventing httpd from loading /usr/local/apache/modules/libphp5.so which requires text relocation. For complete SELinux messages. run Realertrag -l 077ac3bc-5f20-4954-99c3-a754f9cd7df2 I've done: sealert -l 077ac3bc-5f20-4954-99c3-a754f9cd7df2 but It does not make any change. Please tell me. Thank you very much. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.4: yum-priorities seems to be MIA
On Thu, 2009-10-29 at 16:56 -0400, Boris Epstein wrote: On Thu, Oct 29, 2009 at 4:07 PM, Akemi Yagi amy...@gmail.com wrote: On Thu, Oct 29, 2009 at 1:00 PM, Boris Epstein borepst...@gmail.com wrote: Hi all, I just installed 5.4 on a machine here... All seems running fine, except I decided to put on the extra repositories - and as usual I decided to install yum-priorities (as directed here: http://wiki.centos.org/AdditionalResources/Repositories/RPMForge ) but it seems like this package is nowhere to be found. Does anybody know why this would be? It is a known issue: http://bugs.centos.org/view.php?id=3923 Akemi Thanks... Hopefully that will be sorted out soon then. Boris. I thought it was replaced by protectbase, and configured that instead. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dual Booting Question
On Fri, 2009-08-21 at 20:00 -0700, Chaz Sliger wrote: I use Symantec’s Norton Partition Magic to carve up the disk, usually into 3 partitions (NTFS for windows, FAT32 for moving files between windows and linux, and a linux partition). You’ll need to copy the linux bootloader into the Master Boot Record and then set it up so you can choose which OS to boot. -chaz When it comes time to install Linux in dual-boot mode, I always use that opportunity to blow away Windoze and do a fresh install on a portion of the disk before letting Linux have the rest. After a few months Windoze can get loaded up with a lot of junk and get slow and quirky. If for some reason you can't do that, then the Partition Magic route also works. But...back up the Windoze data first. PM is not always 100% fool-proof. Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Funny stuff in SELinux -- /usr/lib/libGL.so.1.2.#prelink#.4GxqM1
Received this SELinux warning: Summary: SELinux is preventing ld-linux.so.2 from loading /usr/lib/libGL.so.1.2.#prelink#.4GxqM1 which requires text relocation. Detailed Description: The ld-linux.so.2 application attempted to load /usr/lib/libGL.so.1.2.#prelink#.4GxqM1 which requires text relocation. This is a potential security problem. Most libraries do not need this permission. Libraries are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests (http://people.redhat.com/drepper/selinux-mem.html) web page explains how to remove this requirement. You can configure SELinux temporarily to allow /usr/lib/libGL.so.1.2.#prelink#.4GxqM1 to use relocation as a workaround, until the library is fixed. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Allowing Access: If you trust /usr/lib/libGL.so.1.2.#prelink#.4GxqM1 to run correctly, you can change the file context to textrel_shlib_t. chcon -t textrel_shlib_t '/usr/lib/libGL.so.1.2.#prelink#.4GxqM1' You must also change the default file context files on the system in order to preserve them even on a full relabel. semanage fcontext -a -t textrel_shlib_t '/usr/lib/libGL.so.1.2.#prelink#.4GxqM1' Fix Command: chcon -t textrel_shlib_t '/usr/lib/libGL.so.1.2.#prelink#.4GxqM1' Additional Information: Source Contextunconfined_u:system_r:prelink_t:s0 Target Contextunconfined_u:object_r:lib_t:s0 Target Objects/usr/lib/libGL.so.1.2.#prelink#.4GxqM1 [ file ] Sourceld-linux.so.2 Source Path /lib/ld-2.9.so Port Unknown Host desk.mcguffeyfamily.net Source RPM Packages glibc-2.9-3 Target RPM Packages Policy RPMselinux-policy-3.5.13-68.fc10 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing ModeEnforcing Plugin Name allow_execmod Host Name desk.mcguffeyfamily.net Platform Linux desk.mcguffeyfamily.net 2.6.27.29-170.2.79.fc10.i686 #1 SMP Fri Aug 14 21:11:41 EDT 2009 i686 i686 Alert Count 1 First SeenWed 19 Aug 2009 08:43:01 PM EDT Last Seen Wed 19 Aug 2009 08:43:01 PM EDT Local ID 194f2933-b29d-4605-9248-a056af793e4d Line Numbers Raw Audit Messages node=desk.mcguffeyfamily.net type=AVC msg=audit(1250728981.756:551): avc: denied { execmod } for pid=7313 comm=ld-linux.so.2 path=/usr/lib/libGL.so.1.2.#prelink#.4GxqM1 dev=sda2 ino=1733603 scontext=unconfined_u:system_r:prelink_t:s0 tcontext=unconfined_u:object_r:lib_t:s0 tclass=file node=desk.mcguffeyfamily.net type=SYSCALL msg=audit(1250728981.756:551): arch=4003 syscall=125 success=no exit=-13 a0=bd a1=6a000 a2=5 a3=bf974f60 items=0 ppid=7297 pid=7313 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=84 comm=ld-linux.so.2 exe=/lib/ld-2.9.so subj=unconfined_u:system_r:prelink_t:s0 key=(null) A few minutes later I got the same warning but it was about SELinux is preventing ld-linux.so.2 from loading /usr/lib/libGL.so.1.2.#prelink#.1brWwM which requires text relocation. I ran rpm -VA and received the following: [r...@desk ~]# rpm -Va S.5T c /etc/printcap ...T c /etc/sysconfig/system-config-users ...T/lib/modules/2.6.27.25-170.2.72.fc10.i686/modules.alias.bin ...T/lib/modules/2.6.27.25-170.2.72.fc10.i686/modules.dep.bin ...T/lib/modules/2.6.27.25-170.2.72.fc10.i686/modules.symbols.bin S.5T c /etc/login.defs ..5T c /etc/inittab S.5T c /etc/cups/classes.conf S.5T c /etc/cups/printers.conf SM5T c /etc/cups/subscriptions.conf ...T/lib/modules/2.6.27.29-170.2.79.fc10.i686/modules.alias.bin ...T/lib/modules/2.6.27.29-170.2.79.fc10.i686/modules.dep.bin ...T/lib/modules/2.6.27.29-170.2.79.fc10.i686/modules.symbols.bin S.5T c /etc/openldap/ldap.conf .MG./var/log/gdm .M../var/run/gdm L... c /etc/pam.d/system-auth S.?./usr/lib/libGL.so.1.2 ...T/var/lib/misc/PolicyKit.reload S.5T c /etc/ppp/chap-secrets S.5T c /etc/ppp/pap-secrets ..5T c /usr/lib/security/classpath.security ...T/lib/modules/2.6.27.29-170.2.78.fc10.i686/modules.alias.bin ...T/lib/modules/2.6.27.29-170.2.78.fc10.i686/modules.dep.bin ...T/lib/modules/2.6.27.29-170.2.78.fc10.i686/modules.symbols.bin S.5T c /etc/libuser.conf ..5T/etc/cron.d/smolt S.5T c /var/log/mail/statistics S.5T c /etc/ldap.conf S.5T c /etc/sane.d/dll.conf with the following line on the error output: prelink: /usr/lib/libGL.so.1.2.#prelink#.4GxqM1 Could not trace symbol resolving After receiving
Re: [CentOS] Funny stuff in SELinux -- /usr/lib/libGL.so.1.2.#prelink#.4GxqM1
On Wed, 2009-08-19 at 21:15 -0400, David McGuffey wrote: Received this SELinux warning: Summary: SELinux is preventing ld-linux.so.2 from loading /usr/lib/libGL.so.1.2.#prelink#.4GxqM1 which requires text relocation. ... What are the two files: /usr/lib/libGL.so.1.2.#prelink#.4GxqM1 /usr/lib/libGL.so.1.2.#prelink#.1brWwM And what is going on with them? Dave McGuffey Sorry to cycle all of you...this was on my Fedora 10 box, not the CentOS 5.3 box. It is still an interesting alert though. I'll send the problem to the SELinux forum. Dave McGuffey ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Funny stuff in SELinux -- /usr/lib/libGL.so.1.2.#prelink#.4GxqM1
On Thu, 2009-08-20 at 03:36 +0200, Tru Huynh wrote: On Wed, Aug 19, 2009 at 09:15:50PM -0400, David McGuffey wrote: Received this SELinux warning: You should ask the fedora mailing list. Sourceld-linux.so.2 Source Path /lib/ld-2.9.so Port Unknown Host desk.mcguffeyfamily.net Source RPM Packages glibc-2.9-3 Target RPM Packages Policy RPMselinux-policy-3.5.13-68.fc10 Tru Yep...realized that right after I hit the send/receive button. Ouch. See my follow a few moments later. Dave McGuffey ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Open Letter to Lance Davis
On Fri, 2009-07-31 at 13:55 -0500, Ron Blizzard wrote: On Fri, Jul 31, 2009 at 1:12 PM, Marcus Moellerm...@marcus-moeller.de wrote: But please note: CentOS itself has a clear strategy which means upstream compatibility. Nothing more and nothing less. No focus on specialized systems (which does not mean you can create a custom spin for an specific purpose, e.g. a CentOS netbook spin) This is one of the reasons I chose CentOS -- specifically because it is a Red Hat rebuild with upstream compatibility. Although, in my opinion, CentOS stands on its own -- I figured it was a plus that while I was learning CentOS I was also learning Red Hat. I first found CentOS via Trixbox and asterisk (I'm a Nortel phone tech with interest in asterisk). As it turns out a career change may be forced on me -- so I'm now studying to take the Red Hat Technician (or Engineering) certification exams to augment my resume. It has been a huge head start to have been using Red Hat for the past year and a half. So, I guess, this is just a vote for keeping CentOS as is. Although I think community rebuild projects would be cool also. Agree. My customers buy RHEL by the thousands of copies. I use CentOS so that I stay on top of what my customers are experiencing, to test the integration of security tools, and to test various levels of hardening guidance. RH, whether or not they know it, has a lot to gain by ensuing that CentOS continues. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Open Letter to Lance Davis
On Fri, 2009-07-31 at 20:56 +0100, Ned Slider wrote: Marcus Moeller wrote: Hi, My 'dream' OS has always been one where the base install was extremely minimal - just enough to install the rest over the network. Then there ... Sounds like all you folks need to get together, start a CentOS minimal install CD SIG and get on with it :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos That would certainly simplify my challenge in building hardened baseline loads from which to build other specialized servers. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problems with Broadcom 4312 wireless
On Wed, 2009-07-29 at 01:09 +0100, Ned Slider wrote: Milos Blazevic wrote: Message: 27 Date: Tue, 28 Jul 2009 00:31:53 +0100 From: Ned Slider n...@unixmail.co.uk Subject: Re: [CentOS] Problems with Broadcom 4312 wireless To: CentOS mailing list centos@centos.org Message-ID: 4a6e38e9.1010...@unixmail.co.uk Content-Type: text/plain; charset=ISO-8859-1; format=flowed Milos Blazevic wrote: Hello David, In brief, I've solved this problem on my Dell Inspiron 1525 (with Broadcom 4312 wireless card), so I figured letting You know would be nice, 'cause it didn't seem like the issue is resolved. Visit this link: http://jomcode.com/fadhil/?p=59 and in addition check out the comment on the same page by Andre Kiepe to have the modules load on boot. Best Regards, Milos. I'm not overly familiar with broadcom wireless (always tried to avoid it), but we can probably package wl.ko as a kABI-tracking kmod for el5 over at ELRepo.org if you're interested? This would remove the need to recompile the driver from source for every kernel update, not to mention provide a user friendly RPM package for yum. Also, does this driver require firmware, and if so where does one obtain that? Sure I'm insterested in compiling the driver to RPM and making it available to others. I was suggesting that I could package it and make it available to the community through elrepo.org (a third party repo that specialises in backporting drivers for improved hardware support in RHEL/CentOS 5). I've tested the driver today (by connecting to the available access point) briefly and it didn't display any problems in functioning. Now, according to the news clipping from computerworld.com, by installing this, one would still use the proprietary Broadcom firmware, which, I suppose, comes along with the driver released by Broadcom at: http://www.broadcom.com/support/802.11/linux_sta.php I don't see the firmware or know where to get it from, hence why I asked. Once I know where to get the required firmware for this driver, we can package that too and make it a dependency of the driver package. Also, according to the Broadcom's README, all other firmware kernel modules have to be removed (or blacklisted) from kernel before installing this. The blacklisting is probably best done from within the driver package and simple enough to do. The main issue I have with this atm is that I've just read the Broadcom license for the binary blob of this driver and I don't much like the sound of 2.3(b) below: 2.3. Restriction on Distribution. Licensee shall only distribute the Software (a) under the terms of this Agreement and a copy of this Agreement accompanies such distribution, and (b) agrees to defend and indemnify Broadcom and its licensors from and against any damages, costs, liabilities, settlement amounts and/or expenses (including attorneys' fees) incurred in connection with any claim, lawsuit or action by any third party that arises or results from the use or distribution of any and all Software by the Licensee except as contemplated herein. Anyone care to comment on that? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos I should have cleaned this old question up. I solved it by using the Broadcom hybrid driver and building the module as Milos recommended. I did not however add the tkip module: modprobe ieee80211_crypt_tkip. I get excellent WAP, but no WPA or WPA2. Maybe I should finish the install and test again. :( Dave M ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Which external WiFi device for laptop running CentOS 5.3?
Have decided to give up on the embedded Broadcom 4312 wireless device in my son's Dell laptop. I get WEP open authentication to work, but nothing else. I was about to dump the bcm43xx kernel module and the bcm43xx-microcode5.fw firmware and work with the newer b43 module and associated firmware. However, he claims that at school, he has always had intermittent problems with wireless under Vista and wants an external device (USB or PCMCIA). So...if you had a clean slate, which make model would you buy for mindlessly easy installation and use under CentOS 5.3? Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problems with Broadcom 4312 wireless
There are some possibly-related notes on this page in the wiki: http://wiki.centos.org/HowTos/Laptops/HP/Pavilion-ze5300_Series Short summary: neither bcm43xx nor ndiswrapper are a perfect solution, and you may need to blacklist the bcm43xx driver to use ndiswrapper. That wiki entry was originally written for CentOS 5.0. I'm currently running 5.3 with the supplied bcm43xx driver and it has some problems with duplicate/dropped packets so the performance is suboptimal, but it does work. Yes, the bcm43xx driver is ugly. Finally got it to work last night by placing the AP in WEP Open Authentication. The driver won't work with WEP Shared Key, or WPA/WPA2 in any mode. And, there is a lot of packet loss. This won't do for a laptop that has to go back to college and hit a lot of APs that may be configured with WPA. Next step is to remove the bcm43xx driver and replace it with the more modern b43 driver from Broadcom. Here is some more info I captured last night: // A slice from /var/log/messages Jun 10 19:57:27 ErichLaptop kernel: bcm43xx: Radio hardware status changed to enabled Jun 10 19:57:47 ErichLaptop kernel: bcm43xx: set security called, .active_key = 0, .enabled = 1, .encrypt = 1 Jun 10 19:58:07 ErichLaptop kernel: bcm43xx: set security called, .level = 0, .enabled = 0, .encrypt = 0 Jun 10 19:58:08 ErichLaptop kernel: bcm43xx: set security called, .active_key = 0, .enabled = 1, .encrypt = 1 Jun 10 19:58:12 ErichLaptop kernel: bcm43xx: set security called, .level = 0, .enabled = 0, .encrypt = 0 Jun 10 19:58:40 ErichLaptop kernel: bcm43xx: set security called, .active_key = 0, .enabled = 1, .encrypt = 1 Jun 10 19:59:00 ErichLaptop kernel: bcm43xx: set security called, .level = 0, .enabled = 0, .encrypt = 0 Jun 10 19:59:00 ErichLaptop kernel: bcm43xx: set security called, .active_key = 0, .enabled = 1, .encrypt = 1 Jun 10 19:59:04 ErichLaptop kernel: bcm43xx: set security called, .level = 0, .enabled = 0, .encrypt = 0 Jun 10 19:59:11 ErichLaptop kernel: bcm43xx: set security called, .level = 0, .enabled = 0, .encrypt = 0 Jun 10 19:59:27 ErichLaptop kernel: bcm43xx: set security called, .level = 0, .enabled = 0, .encrypt = 0 Jun 10 19:59:27 ErichLaptop kernel: bcm43xx: Radio initialized Jun 10 19:59:27 ErichLaptop kernel: bcm43xx: DMA-32 0x0200 (RX) max used slots: 1/64 Jun 10 19:59:27 ErichLaptop kernel: bcm43xx: DMA-32 0x02A0 (TX) max used slots: 0/512 Jun 10 19:59:27 ErichLaptop kernel: bcm43xx: DMA-32 0x0280 (TX) max used slots: 0/512 Jun 10 19:59:27 ErichLaptop kernel: bcm43xx: DMA-32 0x0260 (TX) max used slots: 0/512 Jun 10 19:59:27 ErichLaptop kernel: bcm43xx: DMA-32 0x0240 (TX) max used slots: 0/512 Jun 10 19:59:27 ErichLaptop kernel: bcm43xx: DMA-32 0x0220 (TX) max used slots: 2/512 Jun 10 19:59:27 ErichLaptop kernel: bcm43xx: DMA-32 0x0200 (TX) max used slots: 0/512 Jun 10 20:10:00 ErichLaptop kernel: bcm43xx: Microcode rev 0x127, pl 0xe (2005-04-18 02:36:27) Jun 10 20:10:00 ErichLaptop kernel: bcm43xx: Radio turned on Jun 10 20:10:00 ErichLaptop kernel: bcm43xx: Radio enabled by hardware Jun 10 20:10:01 ErichLaptop kernel: bcm43xx: Chip initialized Jun 10 20:10:01 ErichLaptop kernel: bcm43xx: 32-bit DMA initialized Jun 10 20:10:01 ErichLaptop kernel: bcm43xx: Keys cleared Jun 10 20:10:01 ErichLaptop kernel: bcm43xx: Selected 802.11 core (phytype 2) Jun 10 20:10:01 ErichLaptop kernel: bcm43xx: set security called, .level = 0, .enabled = 0, .encrypt = 0 Jun 10 20:10:12 ErichLaptop kernel: bcm43xx: Radio initialized Jun 10 20:10:12 ErichLaptop kernel: bcm43xx: DMA-32 0x0200 (RX) max used slots: 1/64 Jun 10 20:10:12 ErichLaptop kernel: bcm43xx: DMA-32 0x02A0 (TX) max used slots: 0/512 Jun 10 20:10:12 ErichLaptop kernel: bcm43xx: DMA-32 0x0280 (TX) max used slots: 0/512 Jun 10 20:10:12 ErichLaptop kernel: bcm43xx: DMA-32 0x0260 (TX) max used slots: 0/512 Jun 10 20:10:12 ErichLaptop kernel: bcm43xx: DMA-32 0x0240 (TX) max used slots: 0/512 Jun 10 20:10:12 ErichLaptop kernel: bcm43xx: DMA-32 0x0220 (TX) max used slots: 1/512 Jun 10 20:10:12 ErichLaptop kernel: bcm43xx: DMA-32 0x0200 (TX) max used slots: 0/512 Jun 10 20:12:05 ErichLaptop kernel: bcm43xx driver Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: Chip ID 0x4311, rev 0x1 Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: Number of cores: 4 Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: Core 0: ID 0x800, rev 0x11, vendor 0x4243 Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: Core 1: ID 0x812, rev 0xa, vendor 0x4243 Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: Core 2: ID 0x817, rev 0x3, vendor 0x4243 Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: Core 3: ID 0x820, rev 0x1, vendor 0x4243 Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: PHY connected Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: Detected PHY: Analog: 4, Type 2, Revision 8 Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: Detected Radio: ID: 2205017f (Manuf: 17f Ver: 2050 Rev: 2) Jun 10 20:12:05 ErichLaptop kernel: bcm43xx: Radio initialized Jun 10 20:12:05
Re: [CentOS] Problems with Broadcom 4312 wireless
On Fri, 2009-06-12 at 12:17 +0100, Michael Simpson wrote: On 12/06/2009, David McGuffey davidmcguf...@verizon.net wrote: According to the guidance a linuxwireless.com the b43 driver (not bcm43xx or b43legacy) should work with the 4312 device. If I can't get bcm43xx and bcm43xx-microcode5.fw to work, then I may try to install the b43 driver and blacklist bcm43xx. Hi there i never got NetworkManager to work with bcm43xx but using network and wpa_supplicant with the required conf for WPA2 is rock solid for me technically (according to linuxwireless.org) i should be using the b43 module but the bcm43xx in the stock CentOS kernel with v3 of the broadcom firmware works very well mike ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos My next step is to remove the bcm43xx driver and the bcm43xx-microcode5.fw firmeware and replace with the b43 driver. I'm mostly into OS hardening and application security configuration...hardware and firmware is not my forte. How does one remove bcm43xx and install b43? Guess I should start another topic about removing and replacing kernel modules. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How to reply to a digest
I'm receiving the centos-request in digest mode. Using Fedora 10 and Evolution. When I tried to reply to a centos-request message inside the digest, the result doesn't seem to look right. I cut/paste the proper subject line (replacing the CentOS Digest, Vol NN, Issue nn text), but some have complained that this approach doesn't allow the original question and replies to be threaded. So...what is the appropriate way to respond when one is receiving the digest version? Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Problems with Broadcom 4312 wireless
I'm migrating my son's Dell laptop from Vista to CentOS 5.3. He came back from each of his first two years of college loaded with virii and trojans. This year he said Dad, can you give me Linux? 5.3 went onto the laptop easily and after doing some research, I applied the guidance for getting multimedia working and got the nvidia driver loaded. That works great. Last problem is with the Broadcom 4312 wireless device. Again, did some research and found two ways. One was the Broadcom provided Linux driver, and the other was the guidance on how to use fw-cutter from linuxwireless.com. Had a problem getting the Broadcom driver to compile (failed with a define TYPEDEF_BOOL collision that I couldn't work out). Has been many a year since I last worked with C/C++, so I tried the other guidance to use fw-cutter. I now have partial success. The wireless device light comes on, and the device attempts to negotiate a connection with a wireless firewall/switch (I control). Need help figuring out why it is failing. Here is some output that might help: Some relevant lines from /var/log/messages: Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) starting connection 'System eth0' Jun 10 20:15:24 ErichLaptop NetworkManager: info (eth0): device state change: 3 - 4 Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 1 of 5 (Device Prepare) scheduled... Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 1 of 5 (Device Prepare) started... Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 2 of 5 (Device Configure) scheduled... Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 1 of 5 (Device Prepare) complete. Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 2 of 5 (Device Configure) starting... Jun 10 20:15:24 ErichLaptop NetworkManager: info (eth0): device state change: 4 - 5 Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 2 of 5 (Device Configure) successful. Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 3 of 5 (IP Configure Start) scheduled. Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 2 of 5 (Device Configure) complete. Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 3 of 5 (IP Configure Start) started... Jun 10 20:15:24 ErichLaptop NetworkManager: info (eth0): device state change: 5 - 7 Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Beginning DHCP transaction. Jun 10 20:15:24 ErichLaptop dhclient: Internet Systems Consortium DHCP Client V3.0.5-RedHat Jun 10 20:15:24 ErichLaptop NetworkManager: info dhclient started with pid 3557 Jun 10 20:15:24 ErichLaptop dhclient: Copyright 2004-2006 Internet Systems Consortium. Jun 10 20:15:24 ErichLaptop NetworkManager: info Activation (eth0) Stage 3 of 5 (IP Configure Start) complete. Jun 10 20:15:24 ErichLaptop dhclient: All rights reserved. Jun 10 20:15:24 ErichLaptop dhclient: For info, please visit http://www.isc.org/sw/dhcp/ Jun 10 20:15:24 ErichLaptop dhclient: Jun 10 20:15:24 ErichLaptop NetworkManager: info DHCP: device eth0 state changed normal exit - preinit Jun 10 20:15:24 ErichLaptop dhclient: Listening on LPF/eth0/00:21:70:78:41:51 Jun 10 20:15:24 ErichLaptop dhclient: Sending on LPF/eth0/00:21:70:78:41:51 Jun 10 20:15:24 ErichLaptop dhclient: Sending on Socket/fallback Jun 10 20:15:24 ErichLaptop dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7 Jun 10 20:15:26 ErichLaptop dhclient: DHCPOFFER from 192.168.1.1 Jun 10 20:15:26 ErichLaptop dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67 Jun 10 20:15:26 ErichLaptop dhclient: DHCPACK from 192.168.1.1 Jun 10 20:15:26 ErichLaptop dhclient: bound to 192.168.1.6 -- renewal in 42971 seconds. Jun 10 20:15:26 ErichLaptop NetworkManager: info DHCP: device eth0 state changed preinit - bound Jun 10 20:15:26 ErichLaptop NetworkManager: info Activation (eth0) Stage 4 of 5 (IP Configure Get) scheduled... Jun 10 20:15:26 ErichLaptop NetworkManager: info Activation (eth0) Stage 4 of 5 (IP Configure Get) started... Jun 10 20:15:26 ErichLaptop NetworkManager: infoaddress 192.168.1.6 Jun 10 20:15:26 ErichLaptop NetworkManager: infoprefix 24 (255.255.255.0) Jun 10 20:15:26 ErichLaptop NetworkManager: infogateway 192.168.1.1 Jun 10 20:15:26 ErichLaptop NetworkManager: infohostname 'ErichLap.mcguffeyfamily.net' Jun 10 20:15:26 ErichLaptop NetworkManager: infonameserver '192.168.1.1' Jun 10 20:15:26 ErichLaptop NetworkManager: infodomain name 'mcguffeyfamily.net' Jun 10 20:15:26 ErichLaptop NetworkManager: info Activation (eth0) Stage 5 of 5 (IP Configure Commit) scheduled... Jun 10 20:15:26 ErichLaptop NetworkManager: info Activation (eth0) Stage 4 of 5 (IP Configure Get) complete. Jun 10 20:15:26 ErichLaptop NetworkManager: info Activation (eth0) Stage 5 of 5
Re: [CentOS] Problems with Broadcom 4312 wireless
On Thu, 2009-06-11 at 12:00 -0400, centos-requ...@centos.org wrote: Message: 49 Date: Thu, 11 Jun 2009 08:50:31 -0400 From: Phil Schaffner philip.r.schaff...@nasa.gov Subject: Re: [CentOS] Problems with Broadcom 4312 wireless To: CentOS mailing list centos@centos.org Message-ID: 4a30fd97.3060...@nasa.gov Content-Type: text/plain; charset=ISO-8859-1; format=flowed David McGuffey wrote: ... Last problem is with the Broadcom 4312 wireless device. Again, did some research and found two ways. One was the Broadcom provided Linux driver, and the other was the guidance on how to use fw-cutter from linuxwireless.com. ... This forum thread may be useful: http://www.centos.org/modules/newbb/viewtopic.php?topic_id=20640forum=40 Although it is for a similar but different piece of Broadcom hardware, and does not come to a clean resolution, the key point seems to be: --- Will you please now look at the output of a /sbin/lspci -n command that relates to your BCM4311 card. If the Vendor:Device ID pairing is one of the following -- 14E4:4301 14E4:4307 14E4:4311 14E4:4312 14E4:4318 14E4:4319 14E4:4320 14E4:4324 14E4:4325 -- then the bcm43xx driver module present in the distributed CentOS kernel will be appropriate for that card. In other words, there will be no need for you to use ndiswrapper. --- Not using ndiswrapper. Output of lspci -n gives 14e4:4312 I believe I'm really close. After installing the firmware with fw-cutter, the load complaint about not finding bcm43xx-microcode5.fw went away. And...the device appears to attempt negotiation with the AP. Found another piece of guidance that the bcm43xx driver has problems with WEP and shared key...will try open authentication and WPA/WPA2 tonight. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problems with Broadcom 4312 wireless
On Thu, 2009-06-11 at 12:00 -0400, centos-requ...@centos.org wrote: Message: 64 Date: Thu, 11 Jun 2009 08:14:17 -0700 From: Bart Schaefer barton.schae...@gmail.com Subject: Re: [CentOS] Problems with Broadcom 4312 wireless To: CentOS mailing list centos@centos.org Message-ID: 6bb609560906110814t3c41faaci58d5b92ed7f42...@mail.gmail.com Content-Type: text/plain; charset=ISO-8859-1 On Thu, Jun 11, 2009 at 4:54 AM, David McGuffeydavidmcguf...@verizon.net wrote: Last problem is with the Broadcom 4312 wireless device. ?Again, did some research and found two ways. ?One was the Broadcom provided Linux driver, and the other was the guidance on how to use fw-cutter from linuxwireless.com. There are some possibly-related notes on this page in the wiki: http://wiki.centos.org/HowTos/Laptops/HP/Pavilion-ze5300_Series Short summary: neither bcm43xx nor ndiswrapper are a perfect solution, and you may need to blacklist the bcm43xx driver to use ndiswrapper. That wiki entry was originally written for CentOS 5.0. I'm currently running 5.3 with the supplied bcm43xx driver and it has some problems with duplicate/dropped packets so the performance is suboptimal, but it does work. Thanks... According to the guidance a linuxwireless.com the b43 driver (not bcm43xx or b43legacy) should work with the 4312 device. If I can't get bcm43xx and bcm43xx-microcode5.fw to work, then I may try to install the b43 driver and blacklist bcm43xx. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to reply to a digest
On Thu, 2009-06-11 at 12:00 -0400, centos-requ...@centos.org wrote: Message: 45 Date: Thu, 11 Jun 2009 13:48:25 +0200 From: M. Fioretti mfiore...@nexaima.net 1. Subject: Re: [CentOS] How to reply to a digest To: centos@centos.org Message-ID: 2009064825.gd2...@nexaima.net Content-Type: text/plain; charset=us-ascii On Thu, Jun 11, 2009 07:42:28 AM -0400, David McGuffey wrote: So...what is the appropriate way to respond when one is receiving the digest version? It probably is to automatically split the digest into the original, separate message as soon as it arrives, using procmail or formail. Search for procmail split digests and you'll find several explanations. This said, I really have to ask: do whatever you like as long as you don't break threads but... why on Earth do you use digests? Are you with an ISP which limits how many messages you can receive per day? That's the only valid reasons I've ever read for digests in ~15 years of email usage... Just curious, Marco Fioretti I'll go back and see if I can change from digest to individual e-mail mode. Then use some Evolution rules to put the e-mails into a separate folder. Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to remove the wrong wireless firmware module
David McGuffey wrote: How do I back out of these directions? yum install iwl4965-firmware rmmod iwl4965; modprobe iwl4965 rmmod iwl4965 yum erase iwl4965-firmware Your wireless device should be working now. Enable NetworkManager to use it. Starting from CentOS 5.3 (kernel 2.6.18-128) the kernel includes the iwlagn kernel module. If you are running an older kernel, please look at the ipw4965 method above. First download and install the firmware (see above), then just reload the iwlagn kernel module: rmmod iwlagn; modprobe iwlagn I managed to grab the wrong set of firmware for my Dell Latitude D830. There was conflicting guidance on the Internet as to which device was installed...I've now found out that it is a Broadcom device. I need to remove the Intel firmware and install the Broadcom firmware. No, not really. Firmwares are generaly installed to /etc/firmware and the correct firmware will automatically be loaded and used by the wireless driver, so it really doesn't matter if a bunch of other firmwares are present on your system or not. But if you want to uninstall them, just use: yum erase iwl4965-firmware BTW, it appears that support for the Broadcom wireless device is not in the CentOS repositories. I think I 'm going to have to download the Broadcom files and make the firmware module. I'd like to avoid that...any guidance? Please show us: lspci then: lspci -n | grep '0X:0Y.Z' where 0X:0Y.Z is the first column output for the Broadcom wireless device. Then we may be able to tell you if it's supported or not, and what driver to use. lspci shows: [r...@erichlaptop ~]# /sbin/lspci 00:00.0 Host bridge: Intel Corporation Mobile PM965/GM965/GL960 Memory Controller Hub (rev 0c) 00:01.0 PCI bridge: Intel Corporation Mobile PM965/GM965/GL960 PCI Express Root Port (rev 0c) 00:1a.0 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #4 (rev 02) 00:1a.1 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #5 (rev 02) 00:1a.7 USB Controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI Controller #2 (rev 02) 00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio Controller (rev 02) 00:1c.0 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 1 (rev 02) 00:1c.1 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 2 (rev 02) 00:1c.3 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 4 (rev 02) 00:1c.5 PCI bridge: Intel Corporation 82801H (ICH8 Family) PCI Express Port 6 (rev 02) 00:1d.0 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #1 (rev 02) 00:1d.1 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #2 (rev 02) 00:1d.2 USB Controller: Intel Corporation 82801H (ICH8 Family) USB UHCI Controller #3 (rev 02) 00:1d.7 USB Controller: Intel Corporation 82801H (ICH8 Family) USB2 EHCI Controller #1 (rev 02) 00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev f2) 00:1f.0 ISA bridge: Intel Corporation 82801HEM (ICH8M) LPC Interface Controller (rev 02) 00:1f.1 IDE interface: Intel Corporation 82801HBM/HEM (ICH8M/ICH8M-E) IDE Controller (rev 02) 00:1f.2 IDE interface: Intel Corporation 82801HBM/HEM (ICH8M/ICH8M-E) SATA IDE Controller (rev 02) 00:1f.3 SMBus: Intel Corporation 82801H (ICH8 Family) SMBus Controller (rev 02) 01:00.0 VGA compatible controller: nVidia Corporation Quadro NVS 140M (rev a1) 09:00.0 Ethernet controller: Broadcom Corporation NetXtreme BCM5755M Gigabit Ethernet PCI Express (rev 02) 0c:00.0 Network controller: Broadcom Corporation BCM4312 802.11a/b/g (rev 01) uname -a shows: [r...@erichlaptop ~]# uname -a Linux ErichLaptop.mcguffeyfamily.net 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:39:21 EDT 2009 i686 i686 i386 GNU/Linux Based on this, I know I have a Broadcom NetXtreme ethernet adapter (eth0 in my case) and a Broadcom BCM4312 wireless adapter (eth1 in my case). modprobe -l shows a b43 module. But obviously it isn't sufficient for the BCM4312. eth0 works well (although DNS dies on a regular basis, for which there are a lot of heated discussions about NetworkManager and dns on the various linux sites). eth1 is not found and when I right-click on the NetworkManager icon on the top right corner of the screen, it shows a wireless in a grayed out text. When I go to SystemAdministrationNetwork, I cannot enable the wireless (eth1) device. It tries and then after trying to find an IP, it fails. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS Digest, Vol 53, Issue 4
On Wed, Jun 3, 2009 at 8:52 AM, David McGuffey davidmcguf...@verizon.net wrote: This is my first post here on the CentOS forums.? I've been running Fedora since FC4, and have been working with RHEL 4 at work.? But this is my first foray into CentOS. I followed the multimedia guidance on the wiki, and now have the ability to view a lot of different video clips on the Internet, and have the ability to listen to a variety of music files.? However, watching a DVD movie still escapes me. I followed all the steps on the page in the wiki, and had no errors in the output. DVD playing has been kind of an odd problem for me on my desktop computer using CentOS 5.3. No problem at all on my laptop. I like and use VLC, but it won't play DVDs on this particular computer -- I get a segmentation error. Nor will mPlayer or Totem work. Xine works fine, so I just use that. VLC works fine on my laptop. I've never had any luck with Totem. When I put the DVD (Master and Commander in this case), into the drive, totem automatically comes up and I get a warning that I don't have the correct codec to play it. That's my experience. And there never seems to be any fix that actually works. I killed totem and manually tried to start the DVD with mplayer. mplayer sat there...not recognizing that there was a DVD in the drive. mPlayer, on my computer, recognizes the DVD, it just doesn't play it. So...what final steps do I need to complete to get a commercial DVD movie to play? machine is a Dell Latitude D830 with 2GB of ram and an Intel Core 2 Duo. The first thing I would try is downloading and installing VLC. If that doesn't work, go for Xine. -- RonB -- Using CentOS 5.3 Thanks...you are the second one to recommend xine. I gave up on toten and mplayer and loaded xine. It recognized the dvd and played it...but it gives me an error/warning about dropping lots of frames and jerks to a halt once every few seconds. I'm working my way through the xine FAQ concerning performance to see if I can fix that on this laptop. The laptop is only about 18 mo old and not a dog. It is an Intel duo with 2GM of ram, and should have enough steam to play a dvd. It plays them well under MS Vista, but jerky under Centos 5.3 and xine, so it has to be a software issue. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Can't play DVD movies on CentOS 5.3 after following guidance on the wiki
This is my first post here on the CentOS forums. I've been running Fedora since FC4, and have been working with RHEL 4 at work. But this is my first foray into CentOS.I followed the multimedia guidance on the wiki, and now have the ability to view a lot of different video clips on the Internet, and have the ability to listen to a variety of music files. However, watching a DVD movie still escapes me. I followed all the steps on the page in the wiki, and had no errors in the output.When I put the DVD (Master and Commander in this case), into the drive, totem automatically comes up and I get a warning that I don't have the correct codec to play it.I killed totem and manually tried to start the DVD with mplayer. mplayer sat there...not recognizing that there was a DVD in the drive.So...what final steps do I need to complete to get a commercial DVD movie to play?machine is a Dell Latitude D830 with 2GB of ram and an Intel Core 2 Duo. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How to remove the wrong wireless firmware module
How do I back out of these directions?"yum install iwl4965-firmwarermmod iwl4965; modprobe iwl4965Your wireless device should be working now. Enable NetworkManager to use it. Starting from CentOS 5.3 (kernel 2.6.18-128) the kernel includes the iwlagn kernel module. If you are running an older kernel, please look at the ipw4965 method above. First download and install the firmware (see above), then just reload the iwlagn kernel module: rmmod iwlagn; modprobe iwlagn"I managed to grab the wrong set of firmware for my Dell Latitude D830. There was conflicting guidance on the Internet as to which device was installed...I've now found out that it is a Broadcom device. I need to remove the Intel firmware and install the Broadcom firmware.BTW, it appears that support for the Broadcom wireless device is not in the CentOS repositories. I think I 'm going to have to download the Broadcom files and "make" the firmware module. I'd like to avoid that...any guidance? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos