[CentOS] package recommendation for video conferencing
Hi. We have a need for a video conferencing package with the following specs: - cross platform client support (Linux, Mac, Win) - server side runs on Centos 5 and later with easy package installation routine (e.g. RPM) - can host a teleconfernce with no users connected (IOW, it can wait for users to connect at any time) - supports mulitple users per video conference Recommendations? Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Linus Torvalds delays Linux 3.0 launch due to a subtle bug (fwd)
And more over, there is nothing earth-shatteringly new in the 3.0 kernel. Linus said during the last kernel summit he wanted to change the versioning scheme to make it easier for various developers in different realms to track version changes. Don't expect anything super-cool for us on the sysadmin/user side as a direct result of the 3.x kernel. Of course, incremental changes are usually welcome for stability and device driver support. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Jumbo Frame performance or lackof?
I'm wondering, that since Jumbo Frames was supposed to be better for bulk transfers, why am I seeing these results? Is it the ElRepo drivers I used to enable higher MTUs or possibly some kind of oddity with the realtek NICs I am using? Or am I mistaken about the benefits of jumbo frames and that they are only beneficial in specific configurations, perhaps only with higher network speeds and enough packets at 1500 MTU to overwhelm packet handling hardware? In short, the entire path from origin to destination must be configured to support jumbo frames. If not, then the devices at various points in the path will attempt to scale and you'll end up getting fragmentation and higher overhead in the devices leading to worse overall performance. Have you verified this is the case? Of course, the quality of the driver for your NIC will also play a role. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ext4 in CentOS 5.6?
Just another happy camper here. We have ext4 for some high-volume servers and have experienced no operational problems. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS-6 Status updates
No. I worked with both SCO and ISC linux in the late 80's and early 90's and run level 5 was used for X. In fact I think it was used also in DGUX for X. I don't know about ISC UNIX (aka Interactive UNIX) but SCO did not use run level 5 for X. I cut my teeth on System V UNIX including SCO UNIX 3.2 and seeing X in runlevel 5 these days still feels wrong to me all these years later, though I have to come realize how convenient it is. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] what is difference between slow initialize and patrol read on RAID?
For your reference: http://stuff.mit.edu/afs/athena/dept/cron/documentation/dell-server-admin/en/Perc6i_6e/chapterb.htm Hopefully that answers the question. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centos friends?
One of the tasks on the table for this summer is to setup a mechanism to accept financial donations / contributions from people. If you want to contribute towards specific people's efforts - I am sure most of the guys have amazon wish lists etc in place. Don't forget about us little guys! Centos/RHEL also build on upstream projects which would be happy to take donations until the CentOS donation system is ironed out. For example: http://www.apache.org/foundation/sponsorship.html http://openvas.org/professional-services.html (FOSS security auditing software) -- commission us to write new documentation or new features [*] http://www.lighttpd.net/thank-you (lighttpd web server) https://my.fsf.org/donate/ (GNU/FSF) [*] Due notice, this is a project I am an active developer for. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Adding comments to /etc/sysconfig/iptables
assuming you are talking about /etc/sysconfig/iptables , hash is indeed the comment mark, and works fine. In my file on this system all comment lines have a hash as first character on the line though, so perhaps it doesn't like end-of-line comments but only accepts full lines of comment. FYI, using iptable comments commands are even more useful as they are displayed whenever you actually list the rules (e.g. via service iptables status). For example: -A INPUT -s 10.0.0.2 -m comment --comment I am an example comment -j DROP ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] php53 and eacclerator
I uploaded the spec here: http://ubliga.de/php-eaccelerator.spec It's adjusted for RHEL/Centos 5.6 so that it works with stock php53 packages - no need to pull in packages from other repos. Thanks! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] php53 and mcrypt
More PHP fun! I can see in the spec files that php-mcrypt support was removed by Redhat. I tried to find out why but I don't have sufficient access to redhat bugzilla. I am wondering if it is actually necessary as I have also run across a post or two that indicates applications that rely on mcrypt still work with the new php53. Perhaps mcrypt was superceded by another module or PHP core code? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] php53 and eacclerator
Hi. There does not seem to be a php53-eaccelerator in standard Centos yum channels, from what I can see. That is a mainstay for us. Has anyone found that any particular php53-eacclerator from other locations play well with it? Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alternatives to apache for php based servers: Nginx
Anyone here using Nginx as alternative to apache in conjunction to php scripts? Care to share thoughts and caveats? Yes, we use nginx + PHP and also apache + nginx + PHP extensively and it works well. You can also look at lighttpd + PHP as another alternative that works well. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] log monitoring and reporting software
It has to collect logs from syslog (or similar service ), because one requirement for certification is log history from all devices in one place. And since we are talking about 1500 devices it should be easy to configure and maintain. -- You might want to think about: syslog-ng/rsyslog remote logging + syslog-ng/rsyslog master log receiver + splunk If you find that log messages are getting lost or you need to guarantee that messages arrive you can also consider RELP (supported by rsyslog and possibly by syslog-ng). I actually have experience with writing these types of tools in perl, and found it is not really that hard to do if you have good in-house devops talent at hand. Management and retention of the all that data is the biggest challenge. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to optimize CentOS XEN dom0?
The server runs on a Core2Quad 9300, with 8GB RAM (max motherboard can take, 1U chassis) on an Intel motherboard with a 1TB SATA HDD. dom0 is set to 512MB limit with a few small XEM VM's running: root@zaxen01:[~]$ xm list Name ID Mem(MiB) VCPUs State Time(s) Domain-0 0 512 4 r- 96.5 actionco.vm3 1519 1 -b 14.8 byracers.vm4 511 1 -b 85.7 ns15 511 1 -b 22.3 picturestravel6 255 1 -b 13.3 rafttheworld 7 255 1 -b 11.3 zafepres.vm8 511 1 -b 19.0 ... What are the actual symptoms you are seeing? In general I found that tuning the disk scheduler and also the Xen guest scheduler to be helpful: http://wiki.xensource.com/xenwiki/CreditScheduler http://www.cyberciti.biz/faq/linux-change-io-scheduler-for-harddisk/ Also, I always recommend building Xen servers to use SAS drives rather than SATA because SATA are half duplex while SAS is full duplex, meaning under higher or more random IO you will better throughput. In my experience I see almost double the performance when using SAS over SATA, but our environments are IO heavy and may not reflect the realities of your environment. I would also suggest, running disk IO stats in the VMs simultaneously while running iostat or vmstat in Dom0 to get a good read for where bottlenecks really are. I actually prefer to use the simple postmark utility as it is relatively simple and avoids disk caching issues which skew your results. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any update on 5.6 / 6?
How would they be different from Oracle if they did that as a business? -- Oracle's RH derivitive has a different mission than Centos. Their distro is pre-configured to handle typical Oracle DB workloads by shipping with different kernel settings, modules and apps that are not part of standard RH. It is primarily meant to ease Oracle deployments for shops that have a great amount of RH in-house knowledge and expertise. Their version is not meant to be a general purpose server platform. While they offer compatibility with stock RH, you need to do further configuration if you want something closer to a clone distro. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Troubles for an non-IT beginner
Wrong on the demise of the Sparc. Oracle just posted a massively record breaking TPC-C benchmark using their new Sparc T3 servers, something like 30 MILLION TPM. Oracle has very publically committed to keeping SPARC strong, which is good news for those of us believe in diversity in the compute-verse. Even so, SPARC is also supported by Fujitsu, so as they... [SPARC's] demise has been greatly exaggerated. There's also Power aka PPC, formerly used in Apple Macintosh computers, and still used on large scale IBM AIX Unix servers, the Power series. These also are very high performance. Just a minor nit here, POWER is not the same thing as PPC. PPC branched from POWER with strong influences from other vendors and technologies. PPC has since evolved into a mostly embedded platform, though later POWER releases are (mostly) compatible with PPC. One of my former employers (a fossilized System V UNIX vendor) was part of the alliance that worked on a common UNIX implementation for this processor family, which sadly, never came to fruition. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 5.6 is out
Hey devs/QA, etc: keep on rollin', as they say here in the states. Thanks, guys and gals, for all that you do I hope that Centos team can finally fix the donations page, so that people can donate money to project. +1 ... Err... +$10 Speaking as an upstream developer (*) may I suggest that in the absence of a Centos donations page, folks donate directly to the various OSS applications they use?If you don't have one in mind, the SPI (Software in the Public Interest) is a good place to get informed. The Centos project might even want to explore joining SPI. http://www.spi-inc.org/ * In the interest of fairness, I will refrain from pushing my own project, though we are an SPI member. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] automated remote cloning
Good morning/day and Happy New Year. We have a geographically distributed environment (marketing speak: cloud) where we regularly need to migrate individual systems to new hardware (for bigger disks or for better geographical placement, for example). We currently use Cobbler to do our base installs automatically and I am now looking at integrating Clonezilla with Cobbler. The goal is take an *individual* system that has been customized and migrate it in an automated fashion. We currently do this using Cobbler and then running rsync and mysqldump in a script along with other system - userland module configurations (such as PHP modules) but the process is tedious and generally a PITA. We also must have the ability to run this across different datacenters on different continents. Any pointers to good automated solutions? References: https://fedorahosted.org/cobbler/wiki/ClonezillaIntegration ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] I/O size distribution?
.. I have read that under Solaris one can use DTrace to get I/O request size distribution on a global scale (also on a per process/pid basis). See for example http://prefetch.net/articles/observeiodtk.html Can anyone recommend an alternative to get similar information under CentOS? I looked into dtrace for linux but it seems still work in progress, even putting aside CDDL issues ... http://www.crisp.demon.co.uk/tools.html You can try SystemTap: http://sourceware.org/systemtap/ It seems to be roughly analagous to dtrace and is aimed squarly at the linux kernel. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best way to set up for PHP websites
Is there a how-to somewhere on getting php running with nginx? I would love to get that working. http://wiki.nginx.org/PHPFcgiExample We have around a dozen systems running in this configuration and it works well. They are among our lowest maintenance and highest performing sites that we have. Note that there is an fcgi package available (in EPEL, possibly also in rpmforge) which takes care of most of the configuration for you. You primarily need to pay attention to the nginx config and then make sure the fcgi service is running. Good luck. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux - way of the future or good idea but !!!
I would guess no one knows. But all of my CentOS installs are OOB as concerning SELinux, except the two scalix installs, which have some custom 'stuff' thanks to the scalix instance naming. All I know is at the last two companies I worked at - ATT, a small team building software for the NOC, a smaller root CA, and here at the federal agency I'm at, we either turned it off, or have it set to permissive. I disabled it on the last 1000 hosts *I* installed Hmmm... it would be interesting take some Centos systems with production like deployments (say 3 with SELinux and 3 without) and ask a professional pen-tester to try to get into them. Anyone willing to contribute funds (or time) to such a study? It would be educational experience and good PR, at the least. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Novell sale news?
What we need is a What would a good sysadmin think? list where one of the criteria for being a good sysadmin would obviously be that you know something about Centos but the rest of the scope covers applications, conversions, product comparisons, legal issues, etc. The kind of stuff most of us do every day... Hmm... I had been contemplating a generic linux-sysadmin or linux-systems list for quite a while. My vision for the list would be OS distribution neutral, though. Some of us do work in multi-OS shops, afterall. If there is enough interest (reply to me privately, please) I can set something up. Otherwise a centos-sysadmin list is a good idea, I think. -Geoff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A proposed CentOS mailing list FAQ
# 1. This mailing list is here for folks around the world to share knowledge about CentOS and Linux. This is not a paid tech support organization - if you want that, buy a RedHat subscription. 2. We are not here to do your job for you. If you think we should, perhaps you should pay us. Before asking us, have you: a) read the documentation (RTFM)? b) checked the CentOS wiki for howtos and FAQs? i) http://centos.org, and click on information ii) http://wiki.centos.org/ c) googled for documents on the Web? 3. Many of your problems have been discussed and solved. Feel free to ask for a link to the solution, or the discussion. I prospose rephrasing the above FAQ entries in a more neutral tone: 1) What are my Centos support options? Generally speaking, you have three options: 1) The centos-users mailing list. Developers, systems administrators and end-users all contribute on the mailing list on a best effort basis. Questions are answered as people's time and experience allow. This is a volunteer effort and there are no gaurutees anything will be answered or answered in a give time frame, though we do our best and historically are quite good. It is strongly recommended you search the archives first, as you can get an answer much faster and we can focus our time on new issues and projects. 2) The Centos IRC channel. The channel can be found on irc.freenode.net, channel #centos Same ground rules as the mailing list. 3) Commercial support. There are number of commercial support providers. They are best found by a search on your favorite search engine. Alternatively switching over to Redhat Enterprise Linux (RHEL) and purchasing a support contract is a good option. If you require answers or support at a moment's notice, this is your best option. Insert links to mailing lists and other resources approprate Just my two cents. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A proposed CentOS mailing list FAQ
Oops, some copyediting of my previous post and the addition of a managed services option to my FAQ suggestion follows: - I prospose rephrasing the above FAQ entries in a more neutral tone: 1) What are my Centos support options? Generally speaking, you have three options: 1) The centos-users mailing list. Developers, systems administrators and end-users all contribute on the mailing list on a best effort basis. Questions are answered as people's time and experience allow. This is a volunteer effort and there are no guaruntees anything will be answered or answered in a give time frame, though we do our best and historically are quite good. It is strongly recommended you search the archives first, as you can get an answer much faster and we can focus our time on new issues and projects. 2) The Centos IRC channel. The channel can be found on irc.freenode.net, channel #centos Same ground rules as the mailing list. 3) Commercial support. There are a number of commercial support providers. They are best found by a search on your favorite search engine. If you are open to not running your own systems then subscribing to a managed hosting provider who offers Centos as a platform is also a good option. Again, refer to your favorite search engine. Alternatively switching over to Redhat Enterprise Linux (RHEL) and purchasing a support contract is a good option. If you require answers or support at a moment's notice, this is your best option. Insert links to mailing lists and other resources approprate I do think it is worth the effort to get this FAQ out. Just because some users will ask questions without reading does not mean they all will. More importantly, is it possible to get this FAQ sent to people immediately when they subscribe to the mailing list? That would get us a lot of bang for the buck. Just my two cents. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Service monitoring/Monit?
I think you are missing my point. This is precisely what I do not want to do. The last bit here, I mean - i.e. I'm asking for a way to set up so the rename /etc/monit.d/sshd.conf to something different step won't be necessary. Depending on how much effort you are willing to put into this, you can get nagios to do this. There are two options: 1) Create a custom plugin that checks service [app] status or directly check the pid file and pgrep/grep for the app. 2) Write a small script that you stick into the service init script that tells nagios to start or stop monitoring a service. I used perl and LWP to do something very similar but you can probably find another CPAN module or something similar to act as interface to nagios. If you are comfortable with scripting and nagios you can bang out a solution in an afternoon. Option 1 you can probably do in less than an hour and is probably better for you. - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Service monitoring/Monit?
I have a feeling that introducing nagios monitoring is a little too involved, though. I want to distribute the setup to external systems, so ideally there should be one monitoring package install and a simple enable command at the most, in addition to installation of the actual software. rpm -Uvh monit-version.rpm chkconfig monit on Is really quite ideal, except for the fact that it only nearly gives me what I want :-( Gotcha. Would a simple shell script be sufficient? Something like: --- while :## loop forever do /sbin/service [app] status if [$? -ne 0 ]; ## services which should be running, but are dead ## return a non-zero status code then service [app] restart fi sleep 120## sleep for about two minutes do --- Adding mail notifications and other standard functions would be trivial. To monitor various services just create add a for loop in there. Just a thought. -Geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: SysAdmin Stories
What will be the intended audience? How much technical detail can be mentioned? Does one assume that the readers know what is grub, initrd, xen, amavisd etc? - Jussi The intended audience is anyone in the Systems Administration or Systems Engineering field at any technical level. It is assumed basic technologies such as grub and initrd are already known, but not necessarily well understood. I may add technical introductions to those technologies if needed. Contributors should not worry too much about this, it is my job as editor/writer to make sure that needed relevant technical information is introduced as necessary. -geoff - Geoff Galitz Blankenheim NRW, Germany http://eifel-consulting.biz/ http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iSCSI / GFS shared web server file system
my impression is GFS requires shared storage, I believe there are ways around it, but take a look at this for setting up GFS for use with NFS iSCSI provides the basic foundation needed by GFS for shared storage, so the OP is good for that. GFS, however, is not exactly a simple technology to deploy. NFS is better for more standardized infrastructures where resources and time may be limited. GFS and other shared/clustering filesystems are great, but don't underestimate the resources needed to feed and care for them. OCSF2 over iSCSI is a good option to look at, too. There is also gluster. But NFS is going to be the mainstream approach with the best support and administration options unless the OP is running into some technical limitations. - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] everything seems to hang, but system is idle?
Check dmesg. The kernel may be reporting disk or filesystem IO problems that are not going to syslog. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Rudi Ahlers Sent: Sonntag, 11. April 2010 14:49 To: CentOS mailing list Subject: Re: [CentOS] everything seems to hang, but system is idle? On Sun, Apr 11, 2010 at 2:25 PM, Rudi Ahlers rudiahl...@gmail.com wrote: On Sun, Apr 11, 2010 at 2:04 PM, JohnS jse...@gmail.com wrote: On Sun, 2010-04-11 at 12:58 +0200, Rudi Ahlers wrote: At the same time I can open a new SSH session and do whatevery I like. But it seems that running a command which takes time to complete hangs. --- Try killing off those rsyncs and try it again. You need to provide some other type of error messages. Use strace. tail /var/log/messages and paste it in your reply. Even if you don't see anything in it that does not mean someone else can't. You may need a reboot. ... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] everything seems to hang, but system is idle?
Thanx Geoff, Already checked that, without any decent lead either: Have you tried iostat, vmstat or sar to see if there is unusual activity? Were there any changes to the kernel lately (such as an update or a new module)? Or perhaps an NFS/CIFS mount gone wonky causing blocking? -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centralised user authentication
it used to be called yp or yellow pages. it works with samba too. I'm new to centralized user authentication, and I want to learn how to do it. I've heard that NIS is a deprecated technology, and that one should favour LDAP over it. I'd be curious if someone could explain the facts behind this (or even if it's true or not). true LDAP is also much more robust and versatile. You can keep extending it for many things like mail routing/delivery/aliases, integration with Samba/Netatalk/ for Windows/Macintosh users, automounts, shared address books and more than just authentication. NIS is also extensible in this fashion.. to an extent. It can handle automounts and routing but not shared address books as an example. Just FYI. To address the question of NIS vs LDAP or other similar systems more directly, the NIS codebase is one of those applications that predates modern usage of the Internet and lacks secure coding principles that are necessary in today's world. In other words: it is not secure. That is one major reason. There is not much effort going into NIS these days, so bugs fixes and extensibility fixes are not likely to come in a timely fashion. It is poorly supported outside of the SunOS/Solaris/AIX world, in particular. I prefer NIS to LDAP, but that is most likely because I grew up with NIS. I find it easier to manage and edit, but it just doesn't fit the bill in today's world. I do not recommend it to any of my customers. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPSec VPN Setup?
I use Openswan regularly for IPSec VPN connections to remote sites. Although the documentation is a bit lacking it is pretty easy to get going once you've played with it a bit. It is reliable, widely available and the openswan users support list is responsive. If you have trouble connecting to the remote side, ike-scan can help in getting your key exchange settings right. That is usually the hard part, in my experience. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Ski Dawg Sent: Mittwoch, 10. März 2010 02:12 To: centos@centos.org Subject: [CentOS] IPSec VPN Setup? Hello Everyone, I have been tasked at work with setting up a VPN connection from our server to a client's network. The only problem is that I have never done anything like this before, so I am not sure where to start. We are running CentOS 5.4 on our server. I do not yet know what the client is running for their VPN, the only thing I know of from the client, is we need to use IPSec for our VPN connection to them. I have been googling, and have found quite a bit of information, but it is a little overwhelming, as I am new to setting up a VPN. Is the a standard method for doing this sort of setup that I am missing so far? If anyone has any quick pointers to get me started, that would be greatly appreciated. -- Doug Registered Linux User #285548 (http://counter.li.org) Never trust a computer you can't throw out a window. -- Steve Wozniak ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] compilers a security risk?
As was stated by others the compiler itself isn't any more of a security risk then any other tool. If a hacker can get root he can just as easily upload binary packages as he can compile source. It is still a wise decision to not have the compiler installed if it can be avoided. Any hacker that is not at a senior/high end intermediate level of expertise will not have all the different versions of his rootkit and other tools easily available for all the different OS distros and kernels that he'll find on the Internet.. so I'd say that most hackers cannot just as easily upload binary packages because of the wide array of support that he'd need. Admittedly since Centos/RHEL is such a big presence there is a higher degree of likelihood that he'd have the right tools in a binary package at hand, but he'll still have to expend more time and effort, not to mention that the uploads are more likely to be noticed. Making the bar higher, even in little increments, is a basic tenant of systems security. Never dismiss the power of baby steps. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Slightly OT: check creation of a group
Apparently I can't seem to negate the test, e. g. something like if !(grep medintux /etc/group) Any suggestions for the correct syntax here ? I'd do it like this: grep medintux /etc/group if [ $? != 0 ]; then echo Group not found fi - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best way to backup virtual machines fromCitrix XenServer.
If the goal is to backup the VMs rather than the Citrix XenServer Dom0, I find that exporting each VM to a shared disk (NFS, iSCSI, whatever) is the easiest solution. If you need zero-downtime, then make a snapshot of the VM and then export it. I did this specifically for the purpose of disaster recovery. Recovering individual files or datasets from within a VM is also possible but is slightly more of a hassle. I have some scripts that do this that I'm willing to share. BTW... Centos and Citrix XenServer are different enough that these kinds of questions should probably be asked on the XenSource mailing list or the Citrix forums. You can get potentially misleading advice otherwise. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] best parallel / cluster SSH
In (HPC) clustering pdsh is very popular. It's available in .tgz with spec-file and rebuilds nicely on c5 with rpmbuild -tb ... https://computing.llnl.gov/linux/pdsh.html Coming from the HPC world I've been a long time PDSH user. I believe it is available in rpmforge, so there is no need to rebuild it if you don't want. I highly recommend it. In addition to the examples already cited, you can build a text file of commonly used groups of nodes and just use that to point PDSH at. If you really, really want to get fancy you can... but for more advanced uses just peek at the docs. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Display a warning message at a certain time ?
3) But when I add it to crontab like this : # crontab -e 15 22 * * * /usr/local/sbin/warning.sh ... nothing happens at the given time (10:15 PM). Any idea what's wrong here? Any errors from a cron run go to your root mailbox (or whatever user's crontab it is, when applicable). Check your root mailbox for an error, I'm assuming the PATH to zenity is not set correctly. That is the usual culprit in a case like this. - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Display a warning message at a certain time ?
I think the problem boils down to this : How can I run a graphical application from crontab ? I gave it a shot with a simple one (/usr/bin/gcalctool) and didn't succeed either. I think if you did something like this: -- #!/bin/sh # set DISPLAY export DISPLAY=localhost:0 # send the message /usr/bin/xmessage -timeout 120 This is my message # exit cleanly exit 0 - You'd be ok. Run that as a script, making changes for your system where appropriate and then run that script from cron. Cron makes very few assumptions about your environment, your PATHS and other environmental variables are not getting set. If you run this a script suing #!/bin/sh you should get a default environment as defined by your installation. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cannot mount NFS share, portmap problems, what todo?
/var/log/messages gives me this: Feb 3 13:44:23 mercury portmap[2221]: cannot bind udp: Address already in use The first thing I would do is to see if there is something running on the portmap port: # netstat -ap --inet Check for sunrpc (which is the service name associated with the portmapper, as listed in /etc/services). - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://www.galitz.org/ http://german-way.com/blog/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cannot mount NFS share, portmap problems, what todo?
Should it be running, or not? r...@mercury:[~]$ netstat -ap --inet | grep rpc tcp0 0 *:sunrpc*:* LISTEN 6458/portsentry udp0 0 localhost:filenet-rpc localhost:filenet-rpc ESTABLISHED 1980/postmaster It looks like you need to deconfigure portsentry from listening on that port and then you should be good to go. IOW, portsentry is ok to run, but not on your portmapper port when you need to run portmapper. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://www.galitz.org/ http://german-way.com/blog/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Display a warning message at a certain time ?
xmessage is another option. I use it from time to time. It would need minimal dependencies if that is a consideration. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ I'm currently installing a CentOS 5 desktop as a public internet access point. The machine shuts down every day automatically at 22:30. Is there a way I can display a message in GNOME at 22:15 warning the user that the machine will shutdown in 15 minutes ? Any suggestions ? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization - what do You recommend?
Xen From the CentOS side it's very similar to KVM if you use the virt tools. Performance is extremely good with paravirtualized machines. It's a workhorse and quite stable, but the GUI is not so great. Networking is a bear to configure. Requires separate kernel. I've never quite gotten the Xen migration to work. There is also the XenServer distribution from Citrix. I use that for a number of customer projects and have found it to be the most stable, featureful and easiest server grade hypervisor solution. The base feature set is free (like ESXi) but you do get a few more features. The officially supported management console is Windows only, but there is a Linux port available that I've heard works well. I've had no problems at all with the networking support using XenServer... and that is one of the reasons I use it, in fact. Xen in general has better hardware support than VMWare. If you need to build virtual appliances or are looking for virtual appliances to use for it, though, VMWare and even the regular old Xen on to of Centos/whatever has more support than XenServer. Just FYI. - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NFS vs SMb vs iSCSI for remote backup mounts
The CIFS mounts can't be unmounted without a reboot, so they build-up a pool of mounts to the same server which cause extra latency Is there an environmental restriction in your application or organization for this? Normally CIFS mounts can umounted easily in runtime. At any rate... if I were in your shoes and really restricted to the options you propose, I would go with CIFS mounts through IPSEC tunnels. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://www.galitz.org/ http://german-way.com/blog/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Advanced fsck?
It is probably not a bug... most likely you have additional filesystems that need checking. If you are unsure about what filesystems to check, use the -A flag to fsck: # fsck -A That will check all applicable filesystems listed in your /etc/fstab file. It is also possible that the filesystems are too severely damaged to be repaired from single user mode. In that case you'll need to download a Centos CD and use rescue mode and hope that you can recover. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ Thank you for your reply . I have received my CentOS server as pre-installed , with no CD accompanied . Is there any other way to fix the bug? Thank you ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] any significant differences between centos and OEL?
CentOS support, so we don't impact RH's business. Oracle on the other hand DOES offer paid support, which impacts RH's business, and I don't see any substantive attempts by oracle to give anything back to the community at large. Just to be fair to Oracle on this count, they do give to the community: - Free OS: OEL - Free databases (no cost): Oracle XE - Free cluster/parallel filesystems: OCFS2 - And quite a bit more... all available at oss.oracle.com In terms of OEL, the technical details all revolve around a RH based Linux that can run Oracle with pre-tuned parameters (memory settings, disk buffers and so on). They also support other OS distributions including Debian (*) and Solaris. * DISCLAIMER: I have customers (and therefore a business relationship with Oracle) that run Oracle XE on Debian Lenny. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] trouble shooting slow ssh logins
The ipv6 line was strange but I read a while back, some tech note about ensuring that is your last line in hosts. Perhaps IPv6 is enabled. I had a few instances where I turned it off during install, but found it enabled at runtime. I had assumed I was being careless during install... but perhaps this a bug. Check the interface using ifconfig to see what it's status is. In terms of tools for debugging, I would use strace/truss after using the -v switch to ssh. Strace and truss will show you what system functions are being called during application runtime (by the ssh client, in this case). -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Determine security updates
is there a way / software to find out which security patches my different CentOS systems are missing? Maybe with the according CESA announcement displayed? I'll put in a plug for a software project that I am developer/contributor for, OpenVAS (Open Vulnerability Assessment Scanner). http://www.openvas.org If you configure OpenVAS to use a SSH enabled login account, it will tell you which security patches you are missing. If you do just a remote scan, it will give you an incomplete list of missing patches. It is cross-platform too. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Determine security updates
I look at this a while back, well over a year i think now. And the problem was that openvas does not actually test for the Vuln but it tries to use content to assume the exploits will not work. That is a very risky situation to get into. In terms of a proper security assessment; this is a debate that we have within the OpenVAS developer community and I am actually on your side with this. I won't bother the Centos list with more details than that unless anyone specifically wants me to go into greater details except to say that this is not technical limitation, just a policy of the authors who are writing the testing scripts. However, in terms of simply looking to see what known patches are missing, the current method of assessment is sufficient and complete. The question assumes that patches already exist and therefore they can be queried for in the RPM database to see if they exist (with the needed info encoded in the release strings). If we are talking about missing patches that do NOT exist, IOW, looking for vulnerabilities that the Centos devs or upstream have not addressed yet... then other tools may be more appropriate. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mysql Workbench
In the same vein, is there a publicly available build system for centos where people can submit the source tar.gz and get hotly baked rpm and the icing would be with some way to resolve dependencies?? I don't of a website, but you can use checkinstall which will do the job on one of your own machines. Be aware that the lastest versions have a bug which makes you jump through a couple extra hoops... but it is the only tool to do that, to my knowledge. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] centos IDM + sogo
Hello, We are testing the Centos LDAP Directory Server but are running into issues with applications (SOGo) authenticating against the LDAP system. The crux of my question is, can I just treat the Centos Directory Server as a generic OpenLDAP configuration on the client side? In more detail when I try to add account via ldapadd: ldapadd -f sogo.ldif -x -W -D cn=Directory Manager,dc=XXX,dc=de Enter LDAP Password: ldap_bind: No such object (32) matched DN: dc=XXX,dc=de --- It is my understanding that this means the Directory Manager user was not found. User authentication does not work from SOGo, at all. Any pointers? - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Server packet loss and becomes unresponsive
Does ifconfig or dmesg show any errors? If the answer to those is no, I'd start running sar to see if there is abnormal behavior which could indicate a hardware problem. Of course, another possibility is a DDOS. Do you have any kind security monitoring or protection in place? -geoff - Geoff Galitz Blankenheim, Germany http://www.galitz.org On Tue 03/11/09 04:38 , Timothy timmy...@progressivemarketingnetwork.com sent: I am at a lost with this server of mine. I have replaced everything except just replacing the entire server. The server is running at a low load but every so often it starts to have high packet loss / latency(the average ms for me is 80 but it jumps to 4000 during this period) and eventually becomes unresponsive. All traffic seems normal, no unusual activity. But once or twice a month it starts to get packet loss and after an hour or two it crashes. The network itself is fine. All other servers on the same subnet work fine. Any ideas what could be causing this kind of behavior? Thanks, Tim ___ CentOS mailing list CentOS@centos.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPSec VPN Under CentOS 5.4
Openswan is your friend. I have it running (under OpenSUSE) and it is quite easy. I tend to favor IPsec over SSL as I don't like to have openssl as a dependancy. http://www.openswan.org -geoff -- Geoff Galitz Blankenheim, DE http://www.galitz.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPSec VPN Under CentOS 5.4
Geoff Galitz wrote: Openswan is your friend. I have it running (under OpenSUSE) and it is quite easy. I tend to favor IPsec over SSL as I don't like to have openssl as a dependancy. http://www.openswan.org On the other hand, if you don't have a strict requirement for IPsec, it is much easier to get the udp or tcp packets that work for openvpn through NAT and port-forwarding routers. True for port fowarding, but current versions of Openswan (that is, currently available in most public repos) work just fine with NAT. I am using it in NAT environment and I did not have to make NAT/Masquerading adjustments. This was not always the case, and the Openswan docs still refer to adjustments for NAT networks... but as I said it works just fine for us without adjustments. -geoff -- Geoff Galitz Blankenheim, DE http://www.galitz.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS for non-tech user
On 09/29/2009 09:21 AM, Geoff Galitz wrote: Ubuntu has the LTS releases, which are long term stable releases. They are supported for five years after release. you might want to look into exactly what is ubuntu-support and how that compares with what you get with CentOS. Its not nearly the same thing. To an extent that LTS is mostly considered a nonstarter in most very small business. Specially where the client is in a position to evaluate their options and work out the implications of what they are getting. It always surprises me how many are not. Would you mind elaborating on your views on that? I did some basic research on the LTS offerings and I don't see any significant differences with the exception of porting elements from Debian testing. What constitutes real LTS in your view? -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS for non-tech user
1) Ubuntu really needs more frequent total updates (it is not a long-term stable release). The Ubuntu system that was on the local library's server was unable to get updates (apt-get would fail -- I ended up manually downloading packages and installing by hand (using raw dpkg commands -- ala using raw rpm instead of yum). Ubuntu has the LTS releases, which are long term stable releases. They are supported for five years after release. I run Ubuntu along with other Linux distros for various purposes and I've never had an update problem with it. Perhaps that system was pointing to a flaky mirror? Perhaps it is getting trendy to beat up on non-Centos distros here on the Centos list? - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sadc output to a circular file of given size?
There is a tool in BSDland called fifolog. It does exactly what you want, but is BSD only to my knowledge. Perhaps you can port it, I can't imagine it would be that hard. You do need to read the data using the fifolog tools, though. It does not store data in pure text. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to tell if I've been hacked?
Also processes you thinkk you DO recognize: Just for testing how alert my co-workers were, i had a program called kswapd, just calculating prime-numbers... They never noticed. ;-) Without any preperation it's harder. No point in installing tripwire, activating apparmor/selinux afterwards. Those things should be done after a fresh installation. Indeed. I once found a gdm binary that had been subverted. I'm certain that would fly below the radar of many organizations. - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: hardware newbie p9115-505
The second options is to use the serial port on the machine itself (you will need a null-modem cable for this). Then using things like minicom or hyperterminal you can access the console. On the off-chance you are using a Vista laptop to connect via the serial port, you can use putty (usually used as an SSH client) to connect. Hyperterminal was pulled from Vista. I use putty for serial port access regularly. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum update
Can any one clarify this, is auto updating at all production servers recommended or not? need to know your opinion, how do you manage the update? I've worked on projects where backend configuration files changed in syntax or architecture between releases, which were released as updates... so I know for a fact updates can break a running system. I always disable auto-updates on production systems, and run the updates during a schedule maintenance window. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Cmake on Centos
Have folks been using Cmake on Centos5 without issues? I have installed an RPM for it, but I've been running into some apparent configuration issues. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] German Centos/Linux Group in Cologne/Bonn/Aachen
It seems there are a number of Centos users in the Cologne/Bonn/Aachen area of Germany. If there is not one already (and please let me know if there is!) I'd like to start a Linux User Group (including Centos) for this area. I'm way down in Blankenheim, though. Would someone like to volunteer a location? I envision alternating meetings between the three cities if possible... just to make it fair for everyone who has to travel. I'll even propose Friday August 14th for our first meeting. Any interest? -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Cmake on Centos
Yes, I successfully use cmake-2.6.4-7.el5 from the atrpms.net repository. Have a look at atrpms.net for getting the file. For me it worked out of the box on a CentOS 5.3 x86_64. Thanks! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos convert to rhel and support
tell said managers to open the coffers and pay for support if they are that worried Maybe they would, but there is no content on the Centos wiki on the commercial support page. Considering the allegations of mishandling of funds, I doubt any organization would donate directly Centos at this time. I'm not trying to be a pest about that commercial support page, but it is frustrating. I know the team said they would bring it up at the next dev meeting, but I have no idea when that is/was and what may have happened. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ /listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Drupal installation
Honestly, I think you would then be better off with something else. Drupal is one of the more powerful, but also more complex CMS systems available. I strongly agree with this statement. I was using Drupal for my personal and business websites, but the complexity (the not exactly intuitive interface, to be exact) was more bother than it was worth in my case. I now use CMS Made Simple for my business site and Wordpress for my personal blog. Here are the websites just so you can see a live example: Business: http://www.eifel-consulting.biz Personal: http://www.galitz.org - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CENTOS 4.8 available time????
Four of the security updates are labeled Critical. *Normally* they are released within 24 hours but CentOS-4 updates are all on hold until 4.8 is out. If I understand this correctly... we have critical updates with patches available but they are waiting about a week before they become available in the form of Centos 4.8? Is that accurate? -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT:CMS
We're migrating from Joomla to Drupal at the moment Why are you migrating away from Joomla? - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there an openssh security problem?
is there a security issue on CentOS 5.3 with openssh 4.3? If this is a real zero-day exploit.. then yes, there is an issue. The following link may be the best source of information at the moment: http://isc.sans.org/diary.html?storyid=6742 FWIW, I think the second comment about RHEL/Centos in the referenced post is a little off-base. After all, you have to know that a bug exists before you can fix it. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dag's comment at linuxtag
The project is a confluence of a sub-project under the cAos project, Is this still true? Is Centos still officially associated with cAos? Or was that supposed to be in the past tense? -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] what would be happen if swap partition is not?
A swap partition is not essential to system operation so long as you have enough RAM. Most modern systems have more then enough RAM and can probably live without a swap partition . True, but to answer the original question: If a system without a swap device needs to swap (and cannot) it will crash with an appropriate error message. Hopefully you would not get to that point; your processes should be killed when they run out of memory, but Linux's memory management scheme is not the simplest and you can run into issues where the kernel is unable to avoid a swapping situation. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dag's comment at linuxtag
The aim was to create platform, not strictly focused on enterprise. We wanted create something mixed. Something with enterprise, testing, backport levels and efforts. The project has been started but never really haven't happened. I'll go on the record as being willing to volunteer to help with a distribution/version neutral repo. Such a thing would benefit my business. Is anyone currently leading this project? - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] commercial support page
So we had that nice long thread about the commercial support page a week ago. There were a few recommendations on changes to the page. What next? It is not clear to me if any recommendations were accepted or are being debated internally or if this fizzled out somehow. Is there any process to this kind of thing other than a few developers agreeing it a good thing and then just doing it? I'm not complaining, but I am genuinely curious. - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] filesize limitation in CentOS or exim?
Oh my! Did you verify the size of the main.log file? 2TB of mail.log data strikes me as too much. Are you rotating your logs? Is there a lot of spam moving through your system? Assuming you are running this on an ext3 filesystem you cannot increase the maximum file size beyodn 2TB. If you really do need bigger files than that then you should think about XFS or ext4. Exim does not have a max supported log size... at least I could not find it in the docs and I've never had that problem when running exim. Can you double check the size of mail.log and that is being rotated? - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://www.galitz.org/ http://german-way.com/blog/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] server is always getting hacked
I am not sure what else measures I can take. Can someone please assist? 1) Make a good backup of the hacked system for data archival and forensic analysis. 2) Take the affected system off-line. 3) Check all other systems in your company as they are definitely at high risk. 4) Completely re-format and re-install any and all hacked boxes. 5) Change all passwords everywhere and make sure they are not recycled. Once the baddies got in, they had the chance to install a rootkit. If you inspect your box and do not see a rootkit it just means they did a good job of hacking your box and there is most likely one installed, anyways. Once the baddies get access to your box the game is over. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Slow CentOS VM when running off the network
I've mostly used the free VMware server and player, but thought the networking support was about the same as Virtualbox. What have you found that is significantly different? So far I mostly prefer VMware server for the ability to run the console and disconnect/reconnect where with virtualbox you seem to have to decide ahead of time if you want a console or not - but I'm not a big fan of the new web console in the 2.x series. There are two major issues I've had with VMWare Workstation that have not occurred in VirtualBox: 1) When the host network connection comes and goes (either intentionally or otherwise) the networking to and from VMWare VMs fail completely and cannot be restored without a host reboot. 2) DHCP via an external system (router/gateway) often fails to the VMs with nothing more than timeout errors in the VM logs. VirtualBox has issues to, as does most software, so I end up using both to get all of my testing and simulations done. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] link to commercial support page isn't really helpful
Commercial support is currently unavailable, although this is being investigated by the community. The difficulty is that CentOS is a volunteer run effort. Don't overreact Spiro. I really like your blurb, but the difficulty sentence has a negative ring. Please rephrase that single line and you get a gold-star. ;-) I (amicably) object to the currently unavailable phrase. As has been mentioned support is available. I would suggest the following change: Currently the Centos Project cannot endorse any specific support offering and does not directly offer commercial support. Support is available from third party consultants and firms. Volunteer support is available via IRC (channel #centos), Centos mailing lists and the Centos forums. - I would avoid making any promises like we are working on a support program or working on an endorsement program simply because there is no telling when such a program would get rolled out. Keeping people waiting around for a long time is not so good for the Centos image. FWIW, I think we should lighten up on the original poster. He asked a simple question, he got an answer. There's no need to beat up on each other... it is not constructive. -geoff - Geoff Galitz Blankenheim NRW, Germany http://eifel-consulting.biz/blog/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] link to commercial support page isn't really helpful
i'm not the right person for that as i am utterly clueless about what possibilities you're exploring at the moment. that has to be done by someone at centos who's involved in it. More to the point, what is in the works? I certainly provide Centos support to my customers who have Centos. Does that make me eligible for the list on that page (hypothetically)? -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Slow CentOS VM when running off the network
Shared folders without a network? How does one set that up? This is a good link to get you started (it is for Ubuntu, but should work just fine for Centos): http://www.howtogeek.com/howto/ubuntu/how-to-share-folders-with-your-ubuntu- virtual-machine-guest/ FWIW, I had to start migrating some of my work away from VMWare in favor of Virtualbox due to the lack of good networking support in VMWare Workstation. Your mileage may vary, of course. - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Slow CentOS VM when running off the network
Are you running VMWare Workstation or Server? I am running VMWare Workstation under MS Vista with a bunch of Centos guest VMs. I noticed that when my Vista host network connection changes state (becomes unavailable or becomes available for any reason) that the VMWare software switch has real trouble. I often lose my ability to DHCP, for example. Or perhaps DNS is impacted. It is my feeling that their networking code is just not very robust. Would using shared folders be a viable alternative? -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.3 - Apache - Under Attack ? Oh hell....
And if you have other server set up identically, you might want to check/secure them before they too are owned Nevermind identically; you should check all of your systems. If this is a business environment, you should really think about getting a professional vulnerability assessment or at least a tool to do a vulnerability assessment that you can run yourself. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 5.3 and XFS
xfs kmod's for centos-5 have so far been done within the centos loop, but this is interesting - looks like 5.4 might have a tech-preview for xfs included in. FWIW, at FOSDEM 2009 Ted T'so said that he anticipated official XFS support from Redhat in the near future as they recently hired some experienced XFS engineers. It was not an official announcement of any kind, he was just speculating during a presentation on ext4. It's all just speculation until we see the goods, of course. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Wake on LAN
This is a decent reference: http://en.wikipedia.org/wiki/Wake-on-LAN I wrote WoL code for cluster provisioning software earlier in my career. It is actually quite simple. So long as your motherboard/NIC support WoL and you have ACPI support then a simple shutdown will halt your OS but the NIC will still have power. The NIC is ready to receive the magic packet while in this state. You simply need to send the packet from anywhere else on the net (it could be sent over the Internet, it does not have to be on adjacent LAN) and the system will power up. Easy. I've used it on Centos 4.3 and I know it works there. There are tools out there that make it easy to send the packet (works just like ping) or you can write your own. -geoff - Geoff Galitz Blankenheim NRW, Germany http://www.galitz.org/ http://german-way.com/blog/ -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Timothy Murphy Sent: Samstag, 4. April 2009 22:32 To: centos@centos.org Subject: [CentOS] Wake on LAN Has anyone experience with WOL under Centos (5.3).? If so, how exactly do you put the machine to sleep, and how exactly do you wake it up remotely? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Parallel/Shared/Distributed Filesystems
Geoff Galitz Blankenheim NRW, Deutschland http://www.galitz.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of nate Sent: Montag, 10. November 2008 16:32 To: centos@centos.org Subject: Re: [CentOS] Parallel/Shared/Distributed Filesystems If you really want GFS then I would look into running NFS over GFS with a high availability NFS cluster. Red Hat wrote this useful doc on how to deploy such a system: The main issue is that we feel that our current solution (Linux NFS Clients - NetApp) is not sufficient. Our team comes from a Solaris background (my colleague) and an HPC background (me) and are worried about running into scalability issues as our infrastructure grows and the internal network becomes busier and busier. We've already been wrestling with issues such as broken mountpoints, stale mounts and unrecoverable hangs. Fortunately those issues have all been resolved for now, but as we continue to grow we may see them recur. Consider all that as background. The NetApp is running out of space and we prefer to not replace it with another one, if possible. To that end we are exploring our options. I played around with iSCSI, Multipath and NFS and have found that works quite well so far. Queuing data for delivery when a node become unavailable using multipath would be sufficient for our needs. Our internal monitoring systems can take action if a server becomes unavailable and the data can be queued up long enough for any recovery actions to complete (apart from the next big earthquake). We do not necessarily require a more traditionak redundant storage system (such as an NFS cluster with dedicated NFS server nodes)... but we are not ruling that out, either. Just all food for thought. -geoff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] device driver useage
Thanks. Unfortunately that link does not appear on my Centos box. I will simply file this under would be thing to have in the future. Perhaps I just found myself a neat little project. -geoff Geoff Galitz Blankenheim NRW, Deutschland http://www.galitz.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott McClanahan Sent: Donnerstag, 23. Oktober 2008 16:20 To: CentOS mailing list Subject: Re: [CentOS] device driver useage On Thu, 2008-10-23 at 13:22 +0200, Geoff Galitz wrote: Under Centos 5.X, how can I determine with 100% certainty what driver is associated with a given device other than referencing dmesg? For example, what tool can I use to tell for sure what driver is attached to my eth0 device? One way is to crawl the sys file system. On one of my systems the driver can be seen by viewing the target in the /sys/class/net/eth0/driver link. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] cpan2rpm and alternatives
cpan2rpm is getting relatively old, compared to some of the newer things that can be done with the CPAN and RPM build procedures. The latest version isn't available on its sourceforge site and the What are the newer procedures? I'll be needing to do this in the very near future. I was contemplating writing some sort of yum plugin or external utility that can leverage whatever current procedures exist and register a CPAN install in the RPM database... but I'm not sure it is worth the effort and I do realize that breaks the whole Centos testing and reliability model. Still, there are some functions cannot be found in the usual places that do exist in CPAN. -geoff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] device driver useage
Under Centos 5.X, how can I determine with 100% certainty what driver is associated with a given device other than referencing dmesg? For example, what tool can I use to tell for sure what driver is attached to my eth0 device? I have searched the web, but could not find anything that answered my question. Geoff Galitz Blankenheim NRW, Deutschland http://www.galitz.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] ls and rm: argument list too long
piping ls to xargs should do the trick. man xargs for details. Ok, thanks for ideas, Laurent and Lawrence. A strange limitation in ls and rm, though. My friend said he hasn't seen that in Fedora. Are you sure you are comparing apples to apples? There is nothing particularly Centos specific about this problem. I've seen it on a variety of *NIX systems over the years, though I presume some distributions or UNIX variants may have upped the buffer size. Here is an interesting blog post which illustrates how you can get into this kind trouble: http://stevenroddis.com/2006/10/07/binrm-argument-list-too-long/index.html -geoff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Multiple Linux instances on the same box- dual/triple/etc boot ?
Quote: .. Yes, this seems like a case where virtualisation is a good solution. I've only just started learning to run Xen myself, but the advantages of virtualisation over dual/triple booting etc are pretty clear. As well as the ones you mention, different machines can also be run concurrently and networked. .. FWIW, my job consists primarily of writing tools to support various cluster infrastructures and I rely pretty heavily on virtualization to test my code. I regularly run 5 machines in a single instance to test my stuff. Currently I use VMWare Workstation (the team support is a good fit for me, I can add and remove nodes to various clusters using this, easily). I can these systems in 5GB of RAM but the networking between nodes is a bit slow. It is only noticeable when moving medium-large datasets (+1GB) around. -geoff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Strange ! characters inserted into emails
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sean Carolan Sent: Donnerstag, 18. September 2008 18:30 To: CentOS mailing list Subject: [CentOS] Strange ! characters inserted into emails The quick brown fox jumped over the lazy dog. ends up looking like this: The quick b !rown fox jumped over the laz !y dog. ... --- Are the e-mails corrupted the exact same way each time? IOW, does the above example always arrive as The quick b !rown fox jumped over the laz !y dog. even if you send it 10 times? You might want to save the e-mail to disk and use a hex editor to see if there are unprintable characters in there. -geoff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Nagios 3 RPMs
Is anyone working on Nagios 3.x RPMs? If not, perhaps I'll whip some up and submit them to some appropriate repository. Geoff Galitz Blankenheim NRW, Deutschland http://www.galitz.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] small window manager
I use XFCE for my resource starved environments (cluster simulations using virtualization environments). It works well and integrates nicely into the Centos deployments. -geoff Geoff Galitz Blankenheim NRW, Deutschland http://www.galitz.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Bijnens Sent: Dienstag, 2. September 2008 11:02 To: CentOS mailing list Subject: [CentOS] small window manager What is an alternative X window manager, supported by CentOS, that has very small memory footprint? ... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Lightweight MTA for XEN CentOS guests
I like exim for this purpose. I used to run a number of high performance clusters and some of the nodes needed to send status information via e-mail. Exim was just right for me. It is also pretty easy to configure. http://www.exim.org/ Geoff Galitz Blankenheim NRW, Deutschland http://www.galitz.org -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brett Serkez Sent: Montag, 18. August 2008 22:00 To: CentOS mailing list Subject: [CentOS] Lightweight MTA for XEN CentOS guests All, For a production environment, I'd like to setup CentOS XEN guests as lightweight as possible. I'd like the XEN guests to be able to send nightly email as all CentOS servers do, but there is no reason to run a mail server as the CentOS Dom0 already has an email server running that can act as an email smart host. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Spacewalk from Redhat
Maybe this will answer your question in regards to database choice (directly from the wiki FAQ): - Spacewalk Architecture Why do you use Oracle? Any plans for supporting other databases? Originally the Spacewalk code base was used as a hosted application and Oracle was a good choice for a hosted application in 2001. Over the years open source databases such as PostgreSQL and MySQL have improved tremendously in terms of stability, speed, and scalability. We have not had the resources allocated in the past to add support for an open source database but want to do so soon. What if I don't have Oracle? See the instructions here for information about the XE version: OracleXeSetup -- IOW, you can get an Oracle instance (apparently) for free to support Spacewalk. -geoff Geoff Galitz Blankenheim NRW, Deutschland http://www.galitz.org From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Amos Shapira Sent: Dienstag, 1. Juli 2008 09:53 To: CentOS mailing list Subject: Re: [CentOS] Spacewalk from Redhat 2008/7/1 Tom Lanyon [EMAIL PROTECTED]: On 01/07/2008, at 2:19 PM, Amos Shapira wrote: 2008/6/30 Bazy [EMAIL PROTECTED]: Hello, Is anyone using Spacewalk (http://www.redhat.com/spacewalk/) on CentOS 5 or 4? What kind of hardware are you useing it on? Do I read it right that it requires Oracle 9?? (http://tinyurl.com/6rff8l) or am I missing something? 9 or 10, I believe. Blahh 9, 10, whatever - it's not free. I'd sort of expect it to work with PostgresQL/MySQL. Weird choice, as the guy who works for me put it. Thanks for the clarification. --Amos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] dm-multipath use
Are folks in the Centos community succesfully using device-mapper-multipath? I am looking to deploy it for error handling on our iSCSI setup but there seems to be little traffic about this package on the Centos forums, as far as I can tell, and there seems to be a number of small issues based on my reading the dm-multipath developer lists and related resources. -geoff Geoff Galitz Blankenheim NRW, Deutschland http://www.galitz.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos